العربية
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#waitingthreadhijacking نتائج البحث

hasherezade's profile picture. Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
hasherezade
 @hasherezade
١٤ أبريلم

My new blog for Check Point Research - check it out! 💙 // #ProcessInjection : #WaitingThreadHijacking

_CPResearch_'s profile picture. Fighting cyber threats one research at a time. News from Check Point’s (@checkpointSW) Research team.
Check Point Research
@_CPResearch_
١٤ أبريلم

Thread Execution Hijacking is one of the well-known methods that can be used to run implanted code. In this blog we introduce a new injection method, that is based on this classic technique, but much stealthier - Waiting Thread Hijacking. Read More : research.checkpoint.com/2025/waiting-t…

_CPResearch_'s tweet card. Research by: hasherezade Key Points Introduction Process injection is one of the important techniques used by attackers. We can find its variants implemented in almost every malware. It serves...
Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking - Check Point Research
المصدر: research.checkpoint.com
2
110
265
135
82ألف
14
137
457
144
71ألف
sixtyvividtails's profile picture. Currently working as an independent GUID merchant. Fully licensed. I acquire, produce, and sell high-quality GUIDs.
sixtyvividtails
 @sixtyvividtails
١٢ مايوم

#WaitingThreadHijacking + #ContextJail == Waitless Thread Hijacking. Algo: 1. Jail any running remote tgt thread with 99 jailers. 2. Read tgt stack. 3. RtlVirtualUnwind tgt thread to find ret address stack slot. 4. Apply ret address hijack and unjail tgt. x.com/hasherezade/st…

hasherezade's profile picture. Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
hasherezade
 @hasherezade
١٤ أبريلم

My new blog for Check Point Research - check it out! 💙 // #ProcessInjection : #WaitingThreadHijacking

14
137
457
144
71ألف
0
2
13
13
4ألف
sixtyvividtails's profile picture. Currently working as an independent GUID merchant. Fully licensed. I acquire, produce, and sell high-quality GUIDs.
sixtyvividtails
 @sixtyvividtails
٦ مايوم

1. Pause thread midway in exploit races (even ⓪). 2. Or block entire CPU core. Kernel APCs run at APC_LEVEL (🤯), so thread scheduling kinda disabled (think priority == ∞). 3. Or build upon @⁠hasherezade's work & enhance #WaitingThreadHijacking — making it, in fact, Waitless.

1
1
12
2
2ألف
sixtyvividtails's profile picture. Currently working as an independent GUID merchant. Fully licensed. I acquire, produce, and sell high-quality GUIDs.
sixtyvividtails
 @sixtyvividtails
١٢ مايوم

#WaitingThreadHijacking + #ContextJail == Waitless Thread Hijacking. Algo: 1. Jail any running remote tgt thread with 99 jailers. 2. Read tgt stack. 3. RtlVirtualUnwind tgt thread to find ret address stack slot. 4. Apply ret address hijack and unjail tgt. x.com/hasherezade/st…

hasherezade's profile picture. Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
hasherezade
 @hasherezade
١٤ أبريلم

My new blog for Check Point Research - check it out! 💙 // #ProcessInjection : #WaitingThreadHijacking

14
137
457
144
71ألف
0
2
13
13
4ألف
sixtyvividtails's profile picture. Currently working as an independent GUID merchant. Fully licensed. I acquire, produce, and sell high-quality GUIDs.
sixtyvividtails
 @sixtyvividtails
٦ مايوم

1. Pause thread midway in exploit races (even ⓪). 2. Or block entire CPU core. Kernel APCs run at APC_LEVEL (🤯), so thread scheduling kinda disabled (think priority == ∞). 3. Or build upon @⁠hasherezade's work & enhance #WaitingThreadHijacking — making it, in fact, Waitless.

1
1
12
2
2ألف
hasherezade's profile picture. Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
hasherezade
 @hasherezade
١٤ أبريلم

My new blog for Check Point Research - check it out! 💙 // #ProcessInjection : #WaitingThreadHijacking

_CPResearch_'s profile picture. Fighting cyber threats one research at a time. News from Check Point’s (@checkpointSW) Research team.
Check Point Research
@_CPResearch_
١٤ أبريلم

Thread Execution Hijacking is one of the well-known methods that can be used to run implanted code. In this blog we introduce a new injection method, that is based on this classic technique, but much stealthier - Waiting Thread Hijacking. Read More : research.checkpoint.com/2025/waiting-t…

_CPResearch_'s tweet card. Research by: hasherezade Key Points Introduction Process injection is one of the important techniques used by attackers. We can find its variants implemented in almost every malware. It serves...
Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking - Check Point Research
المصدر: research.checkpoint.com
2
110
265
135
82ألف
14
137
457
144
71ألف
لا توجد نتائج لـ "#waitingthreadhijacking"
لا توجد نتائج لـ "#waitingthreadhijacking"

Something went wrong.


Something went wrong.


United States Trends