Detecting .NET/C# injection (Execute-Assembly)

Example #1 — svchost spawned by explorer or vssapi
Example #1 — additional stats

--

--

--

Cyber Security enthusiast, detection developer and engineer, researcher, consultant.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Automatic RSS Feeds Data Collection on Kaggle using BeautifulSoup and Scheduled Notebook Run

USB: a web developer perspective

A Journey To Python Django

Java Is More Like English Than You Think

How I created a Server-less React App with failOver

Gilbane Advisor 7–14–20 — perceiving, DSM, web 3.0, microservices

Career Launcher Sis Login

Career Launcher Sis Login

Passed my AWS Certified Cloud Practitioner ( CLF-C01 ) 2021 Exam! No Dumps!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
redhead0ntherun

redhead0ntherun

Cyber Security enthusiast, detection developer and engineer, researcher, consultant.

More from Medium

Nicknaming Contract Addresses to Prevent Mistakes & Identify Scams

Self-justification & ‘isms’

$MYT And $eMYT :