第二章-执行与注入技术
0-创建线程注入(CreateThread Injection)1-创建纤程注入(CreateFiber Injection)2-创建远程线程注入(CreateRemoteThread Injection)3-创建堆注入(HeapCreate Injection)4-创建线程池注入(CreateThreadpoolWait Injection)5-进程镂空注入(Process Hollowing Injection)6-DLL镂空注入(DLL Hollowing Injection)7-DLL劫持注入(涉及白加黑)8-映射注入(Mapping Injection)9-MapViewOfFile+NtMapViewOfSection10-挂钩注入(SetWindowsHookEx Injection)11-注册表注入12-设置上下文劫持注入(SetContext Hijack Injection)13-剪贴板注入(Clipboard Injection)14-突破session 0远程线程注入15-枚举RWX区域注入16-APC注入(APC Injection)17-APC & NtTestAlert Injection18-APC劫持19-Early Bird20-基于资源节加载shellcode21-内核回调表注入(KernelCallbackTable Injection)22-自举的代码幽灵——反射DLL注入(Reflective DLL Injection)23-内存申请总结24-移动或复制shellcode总结25-shellcode执行总结