all InfoSec news
.NET Hooking – Harmonizing Managed Territory
Jan. 8, 2024, 1:20 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Research by: Jiri Vinopal
Key Points
- Check Point Research (CPR) provides an introduction to .NET managed hooking using the Harmony library.
- We cover the most common examples of implementation using different types of Harmony patches.
- The practical example using Harmony hooking to defeat the notorious “ConfuserEx2” obfuscator results in the “ConfuserEx2_String_Decryptor” tool.
- CPR reveals a neat trick how to combine both debugging and hooking using the Harmony library (Harmony hooking from the dnSpyEx debugging context).
Introduction
For a malware researcher, …
check check point examples harmony hooking implementation introduction key key points library managed obfuscator patches point points research results tool types
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
XDR Detection Engineer
@ SentinelOne | Italy
Security Engineer L2
@ NTT DATA | A Coruña, Spain
Cyber Security Assurance Manager
@ Babcock | Portsmouth, GB, PO6 3EN
Senior Threat Intelligence Researcher
@ CloudSEK | Bengaluru, Karnataka, India
Cybersecurity Analyst 1
@ Spry Methods | Washington, DC (Hybrid)
Security Infrastructure DevOps Engineering Manager
@ Apple | Austin, Texas, United States