all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Creating Payloads with ScareCrow to Mimic Reputable Sources and Bypass Anti-Virus

Add to bookmarks
April 17, 2024, 5:42 p.m. | Cybertech Maven

InfoSec Write-ups - Medium infosecwriteups.com

This write-up discusses using ScareCrow to create payload frameworks for side loading (not injecting) into a legitimate Windows process, bypassing Application Whitelisting controls.

After loading the DLL loader into memory, a technique is employed to flush an Endpoint Detection & Response (EDR) hook out of the system DLLs running in the process’s memory. This technique is successful because it is known that the EDR’s hooks are placed when a process is launched.

ScareCrow can target and manipulate DLLs in memory …

hacker hacking hacking tools linux penetration testing

Visit resource

More from infosecwriteups.com / InfoSec Write-ups - Medium

Honeypots 101: A Beginner’s Guide to Honeypots 14 hours ago | infosecwriteups.com
art attacker attackers attacks +19
No Dev Team? No Problem: Writing Malware and Anti-Malware With GenAI 1 day, 2 hours ago | infosecwriteups.com
ai anti-malware can companies +29
The Diamond Model: Simple Intelligence-Driven Intrusion Analysis 1 day, 15 hours ago | infosecwriteups.com
analysis continue cyber cybersecurity +18
Analysis of Competing Hypotheses: How to Find Plausible Answers 1 day, 15 hours ago | infosecwriteups.com
analysis continue cybersecurity discover +10
Devvortex Hackthebox Walkthrough 1 day, 15 hours ago | infosecwriteups.com
cybersecurity htb htb-walkthrough htb-writeup +1
Port Scanning for Bug Bounties 1 day, 15 hours ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity infosec +1
TryHackMe - Mr. Robot CTF 1 day, 15 hours ago | infosecwriteups.com
ctf linux security tryhackme
Threat Modeling: A Staple of Great Cyber Threat Intelligence 1 day, 15 hours ago | infosecwriteups.com
attacks continue cyber cybersecurity +20
How to Optimize Data Sources: Collection Management Framework 1 day, 15 hours ago | infosecwriteups.com
collecting collection continue cybersecurity +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Security Engineer

@ Gainwell Technologies | Any city, OR, US, 99999
View on infosec-jobs.com

Federal Workday Security Lead

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Workplace Consultant

@ Solvinity | Den Bosch, Noord-Brabant, Nederland
View on infosec-jobs.com

SrMgr-Global Information Security - Security Risk Management

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Sr. Security Engineer - Data Loss Prevention

@ Verisk | Jersey City, NJ, United States
View on infosec-jobs.com
View more jobs