A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Memory-Based Library Loading: Someone Did That Already. - Casey Rosini Derbycon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Memory-Based Library Loading: Someone Did That Already.
Casey Rosini
Derbycon 2017

The technique of using memory-based library loading has been around for a number of years. It is available in different forms and for different operating systems. It has been popularized in the security-space with long-standing techniques perhaps even longer than some are aware. And here I thought that I found or did some new evasion. This talk discusses a library for Windows that is still maintained but has been seemingly overlooked for over a decade (or has it?), and how it can be used against the next-generation securing of the digitals.

Casey has been living a dream of the software development and security industries for just over 10 years. With an early exposure to security research and development, he has endured many sleepless nights of analyzing Microsoft Patch Tuesday releases, coding sprees, and even compliance and regulatory initiatives for commercial and government sectors. In recent years he has provided technical leadership within global security operations, developed frameworks for security awareness initiatives, and conducted large-scale application security assessments and penetration tests. His background is in security research, software development, static & dynamic software security analysis, reverse engineering all the things, and reading a lot of technical documents and source code.

Back to Derbycon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast