Search Evasion Techniques


Search Result

1 item(s) found so far for this keyword.

DNS API Injection Process Manipulating

Overwriting DNS memory functions to facilitate process injection. Sysmon v10 supports logging DNS queries. This feature intercepts all DNS requests on a monitored host and, where possible, maps them to the name of the process making the request. It is a nice addition to Sysmon’s already awesome logging capabilities.

If we can locate the address of dnsapi.dll in a remote …
