The Linux Process Injections & Detections module introduces various Linux process injection techniques, from basic to advanced, from both local and remote standpoints. It focuses on how ELF sections and dynamic-linking structures can be abused for execution flow hijacking and evasion while overriding potential memory protections. It also explores the various detection opportunities and dynamic analysis techniques that can be employed for prevention and mitigation tasks.
Key learning outcomes:
  • Understand key ELF structures and procfs pseudo-files commonly involved in process injection techniques
  • Explore techniques such as return address overwriting and stack-based hijacking used in binary exploitation
  • Learn how to use the ptrace syscall offensively and defensively
  • Discover how auditd can support detection and analysis of process injection techniques