Course Overview

Modern attackers increasingly rely on stealthy and sophisticated techniques to gain persistence, escalate privileges, and evade defenses. Process Injection stands at the forefront of these tactics, allowing malicious code to run under the guise of legitimate processes. This course provides a comprehensive exploration of process injection across Windows and Linux, detailing methods such as DLL Injection, Process Hollowing, Doppelgänging, APC Injection, Thread Local Storage, and more. 

You will learn how these methods work at a technical level, from how attackers allocate and write into memory to how they bypass user-mode hooks and hide malicious actions. You will also discover detection best practices using Sysmon, Process Monitor, Process Explorer, Sigma, and YARA, and prevention strategies, such as leveraging firewalls, whitelisting, EDR policies, and SIEM integration. Finally, you will delve into Mockingjay, a newly discovered injection method, to stay ahead of emerging threats and build a robust, layered security posture. 

By the end of this course, you will possess the knowledge and skills to identify, analyze, and defend against a wide variety of process injection attacks, enabling you to confidently protect your organization’s digital infrastructure against evolving adversarial tactics. 

What You Will Learn

  • The fundamentals of process injection and its role in modern threat landscapes.
  • The sub-techniques of process injection (DLL Injection, PE Injection, APC, Process Hollowing, etc.) across Windows and Linux.
  • Lab-based detection methods, leveraging Sysmon, Process Monitor, Process Explorer, Sigma, and YARA to identify malicious injections.
  • Prevention and remediation strategies, including firewalls, whitelisting, EDR solutions, and SIEM integrations to block or mitigate injection attacks.
  • Emerging injection methods, such as Mockingjay, and how to proactively adapt your defenses against newly discovered threats.

Program Curriculum

  • High-level Overview of Course
  • The Significance of Process Injection in Modern Threats
  • Common Evasion Techniques & Process Injection’s Role
  • Chapter 1 Quiz

  • Installing VirtualBox and Creating a Windows 10 VM
  • Linux VM Setup for ptrace & VDSO Testing
  • Installing Sysmon, Sysinternals & Microsoft Defender for Endpoint (ATP)
  • Additional Tools
  • Chapter 2 Quiz

  • Dynamic-Link Library (DLL) Injection
  • Portable Executable (PE) Injection
  • Thread Execution Hijacking
  • Asynchronous Procedure Call (APC)
  • Chapter 3 Quiz

  • Thread Local Storage
  • ptrace System Calls
  • Extra Window Memory Injection
  • Process Hollowing
  • Process Doppelgänging
  • VDSO Hijacking
  • ListPlanting
  • Chapter 4 Quiz

  • Process Injection IoCs & Sysmon Event Correlation
  • Malicious PowerShell & Script Block Logging
  • Threat Detection with Sigma
  • YARA for Injection Detection
  • Chapter 5 Quiz

  • Understanding the Mockingjay Process Injection
  • Security Implications & Evasion Tactics
  • Complete Execution Flow of Mockingjay
  • Detection & Remediation Measures
  • Chapter 6 Quiz

  • Blacklisting & Whitelisting (AppLocker, WDAC)
  • Configuring SIEM Tools to Monitor Suspicious Events
  • Microsoft Defender for Endpoint
  • Comprehensive Checklist for Monitoring, Detection & Defense
  • Chapter 7 Quiz

  • Summary of Key Takeaways
  • EC-Council’s C|TIA & Next Steps

Instructor

Seif Eddine

Ing. Seif (Seif Eddine) is an engineer specializing in Big Data and Cybersecurity, grounded in early immersion in ethical hacking. He provides security consulting, bug hunting, and advanced threat analysis to organizations worldwide. Over the years, he discovered a passion for teaching and has since developed multiple courses that merge robust technical depth with practical cybersecurity applications. Leveraging his extensive expertise in automation, threat detection, and digital forensics, Seif empowers clients and students alike to safeguard critical digital assets in an increasingly complex threat landscape.
