hasherezade / Persistence_demos
Demos of various (including non-standard) persistence methods used by malware
persistence_demos
Demos for the presentation "Wicked malware persistence methods".
- com_hijack - loads a demo DLL via COM hijacking
- extension_hijack - hijacks extension handlers in order to run a demo app when a file with the given extension is opened
- shim_persist - installs a shim that injects a demo DLL into explorer.exe
- restricted_directory - drops a PE into a restricted directory (that cannot be accessed or deleted), and launches it