In Your Mems

In Your Mems was a talk that I gave at BSides Delaware on 10/7/16.

The topic is one dear to my heart: popping Windows with the added benefit of completely bypassing all (then-current) antivirus solutions.

In the talk I describe the process of memory evasion using evasion procedures such as Local Memory Injection or the Veil Framework, and introduce a new method of cross-process memory injection without detection. The talk was recorded and can be viewed below. My PowerPoint slides and my code can also be downloaded below, and no, I did not include the shellcode.

PowerPoint (PDF)

GitHub Repository

Presentation Videos

Native (Direct)

Streaming
