
Process Hollowing: Inside the Evasion Technique Used by Malware and Red Teams
Introduction

Process hollowing is a sophisticated code injection technique often used by malware, advanced persistent threats (APTs), and red teamers to evade detection, bypass endpoint defenses, and execute malicious payloads under the guise of legitimate processes. Unlike traditional code injection, process hollowing replaces the memory of a benign process with