all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Walking the Process Environment Block (PEB) - How-To Discover In-Memory Libraries

Add to bookmarks
Feb. 2, 2023, 7 p.m. | Dr Josh Stroschein

Dr Josh Stroschein www.youtube.com

There are a several key internal structures in the Windows operating system that are regularly used to obtain non-standard functionality. The process environment block, commonly referred to as the PEB, is one of those structures. In this video, we'll discuss the overall structure of the peb and use WinDbg to view it's structure. We'll also look at a sample program that walks the peb to find the base of NTDLL and discuss how this code works and how you can …

base block discover discuss environment find how-to internal key memory non operating system process program standard system video windbg windows

Visit resource

More from www.youtube.com / Dr Josh Stroschein

🔴 Malware Mondays Episode 02 - Investigating Processes with Process Explorer and System Informer 1 month ago | www.youtube.com
basics episode explorer focus +10
MM#02 - Uncover Program Behavior! Build a Sample Program to Investigate w/ Process Explorer | … 1 month, 1 week ago | www.youtube.com
basics build episode explorer +12
Malware Mondays?!? Learn more 1 month, 2 weeks ago | www.youtube.com
learn malware
Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 1 month, 3 weeks ago | www.youtube.com
artifact data goal learn +11
MM#01 - How to Capture Malicious Activity with Process Monitor! Using ProcMon with Amadey Malware 2 months, 1 week ago | www.youtube.com
amadey artifacts capture data +11
Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 2 months, 1 week ago | www.youtube.com
artifact data goal learn +11
Why Do You Need to Know Assembly to Use IDAPro or Ghidra? Exploring disassembly and … 2 months, 1 week ago | www.youtube.com
assembly disassembly effectively ghidra +9
Ease Shellcode Analysis with SCLauncher! Learn how-to wrap shellcode into a PE file 2 months, 2 weeks ago | www.youtube.com
analysis debugging development easy +18
Customizing FakeNet-NG for Malicious Document Analysis! How to modify the web root 2 months, 3 weeks ago | www.youtube.com
analysis can default dive +16

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com