Back To Schedule
Saturday, June 25 • 4:00pm - 5:00pm
Process Ventriloquism

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

This talk will present and outline various techniques for the manipulation of processes at runtime in the Windows environment. Attendees will leave with a better understanding of how the Windows API functions are leveraged by attackers to extract the contents of memory, inject shellcode into other processes and how functions can be hooked and rerouted to execute malicious code. The different techniques used to manipulate processes will be discussed with provided examples. Penetration testers and defensive security people alike will benefit from learning just how tools such as meterpreter are able to inject themselves into and manipulate processes.

avatar for Spencer McIntyre

Spencer McIntyre

As a member of the Research and Development team at SecureState, Spencer McIntyre works to discover vulnerabilities within organizations systems and understand the underlying risks. Mr. McIntyre balances his focus between vulnerability and in-house tool development. During his time... Read More →

Saturday June 25, 2016 4:00pm - 5:00pm EDT
Grog Shop (upstairs)