Cybersecurity

An Introduction to Module Stomping

28 sec read2 views0 listens

Module stomping is introduced as a technique for Windows process injection that overwrites the .text section of a loaded, signed DLL to evade detection. This method involves identifying a target module, writing a payload to its memory space, and executing it via a new thread. Cybersecurity professionals and malware researchers should be aware of this advanced evasion tactic used to bypass traditional security measures.

Read the full article at InfoSec Write-ups - Medium

Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 100

Recent malware campaigns are exploiting Steam community profiles for command-and-control operations and utilizing deceptive interfaces to steal sensitive AI tokens from developers. Security professionals now have access to specialized analysis tools ...

Ali Nemati

Cybersecurity4 hours ago30 sec read

Update: The Ending of My $500 Loss and Web Cache Poisoning Story.

A web cache poisoning vulnerability previously discovered was updated, revealing the account involved was deactivated and the disputed $500 charge was refunded, likely due to a bank dispute. While the vulnerability turned out to be a duplicate, the e...

Ali Nemati

Cybersecurity4 hours ago26 sec read

SPIP RCE + Docker SUID Escape | THM Publisher

A detailed walkthrough demonstrated exploiting a SPIP CMS vulnerability (CVE-2023-27372) for remote code execution, followed by privilege escalation to root via a Docker SUID escape. This showcases advanced penetration testing techniques, including i...

Ali Nemati

Cybersecurity4 hours ago26 sec read

Splunk Exploring SPL: A Practical SOC Analyst Walkthrough for Search, Detection, and Threat Hunting

This guide provides a practical walkthrough of Splunk's Search Processing Language (SPL) from a Security Operations Center (SOC) analyst's perspective, covering searching, filtering, structuring, transforming, and anomaly detection. Developers and se...

Ali Nemati

Cybersecurity4 hours ago28 sec read

Security Affairs newsletter Round 580 by Pierluigi Paganini - INTERNATIONAL EDITION

Cybersecurity agencies have added critical flaws in SolarWinds and the Linux kernel to the list of known exploited vulnerabilities requiring immediate remediation. Tech professionals must address a nineteen-year-old root bug in Linux and new zero-day...

Ali Nemati

An Introduction to Module Stomping

Related Articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 100

Update: The Ending of My $500 Loss and Web Cache Poisoning Story.

SPIP RCE + Docker SUID Escape | THM Publisher

Splunk Exploring SPL: A Practical SOC Analyst Walkthrough for Search, Detection, and Threat Hunting

Security Affairs newsletter Round 580 by Pierluigi Paganini - INTERNATIONAL EDITION