hasherezade/persistence_demos

persistence_demos

Demos for the presentation "Wicked malware persistence methods".

  • com_hijack - loads a demo DLL via COM hijacking
  • extension_hijack - hijacks file extension handlers so that a demo app runs when a file with the given extension is opened
  • shim_persist - installs a shim that injects a demo DLL into explorer.exe
  • restricted_directory - drops a PE into a restricted directory (that cannot be accessed or deleted), and launches it

About

Demos of various (also non-standard) persistence methods used by malware
