Walking the Process Environment Block (PEB) - How-To Discover In-Memory Libraries | allinfosecnews.com

Feb. 2, 2023, 7 p.m. | Dr Josh Stroschein

Dr Josh Stroschein www.youtube.com

There are a several key internal structures in the Windows operating system that are regularly used to obtain non-standard functionality. The process environment block, commonly referred to as the PEB, is one of those structures. In this video, we'll discuss the overall structure of the peb and use WinDbg to view it's structure. We'll also look at a sample program that walks the peb to find the base of NTDLL and discuss how this code works and how you can …

base block discover discuss environment find how-to internal key memory non operating system process program standard system video windbg windows

More from www.youtube.com / Dr Josh Stroschein

MM#02 - Uncover Program Behavior! Build a Sample Program to Investigate w/ Process Explorer | … 4 days, 7 hours ago | www.youtube.com

basics build episode explorer +12

🔴 Malware Mondays Episode 02 - Investigating Processes with Process Explorer and System Informer 1 week ago | www.youtube.com

basics explorer focus information +9

Malware Mondays?!? Learn more 1 week, 3 days ago | www.youtube.com

Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 3 weeks ago | www.youtube.com

artifact data goal learn +11

MM#01 - How to Capture Malicious Activity with Process Monitor! Using ProcMon with Amadey Malware 1 month ago | www.youtube.com

amadey artifacts capture data +11

Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 1 month ago | www.youtube.com

artifact data goal learn +11

Why Do You Need to Know Assembly to Use IDAPro or Ghidra? Exploring disassembly and … 1 month ago | www.youtube.com

assembly disassembly effectively ghidra +9

Ease Shellcode Analysis with SCLauncher! Learn how-to wrap shellcode into a PE file 1 month, 1 week ago | www.youtube.com

analysis debugging development easy +18

Customizing FakeNet-NG for Malicious Document Analysis! How to modify the web root 1 month, 2 weeks ago | www.youtube.com

analysis can default dive +16

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Security Engineer 2

@ Oracle | BENGALURU, KARNATAKA, India

View on infosec-jobs.com

Oracle EBS DevSecOps Developer

@ Accenture Federal Services | Arlington, VA

View on infosec-jobs.com

Information Security GRC Specialist - Risk Program Lead

@ Western Digital | Irvine, CA, United States

View on infosec-jobs.com

Senior Cyber Operations Planner (15.09)

@ OCT Consulting, LLC | Washington, District of Columbia, United States

View on infosec-jobs.com

AI Cybersecurity Architect

@ FactSet | India, Hyderabad, DVS, SEZ-1 – Orion B4; FL 7,8,9,11 (Hyderabad - Divyasree 3)

View on infosec-jobs.com