Detecting Deceptive Process Hollowing Techniques Using HollowFind Volatility Plugin

In this blog post we will look at different types of process hollowing techniques used in the wild to bypass, confuse, deflect and divert forensic analysis. I also present a Volatility plugin, hollowfind, to detect these different types of process hollowing. Before looking at the different types of process hollowing, let's try to understand …