Search Evasion Techniques
1 item(s) found so far for this keyword.
Overwriting DNS memory functions to facilitate process injection
Sysmon v10 supports logging DNS queries. This feature intercepts all DNS requests on a monitored host and, if possible, maps them to the name of the process making the request. It is a nice addition to Sysmon’s already awesome logging capabilities.
If we can locate the address of dnsapi.dll in a remote …