Evading Defender - Asynchronous Procedure Call (APC) Injection via alertable state
New to Maldev? Start with our Maldev 101 foundational series before diving in: https://www.rbtsec.com/blog/category/maldev/
Join the Discord community to discuss and learn more: https://discord.gg/UnHBp9FuGK
APC Injection via alertable state
In this video, we explain how Asynchronous Procedure Call (APC) injection works and why it often appears in security research. We also highlight related Mythic capabilities, such as AMSI and ETW bypass concepts, default process swapping (e.g., MSBuild.exe as a LOLBin), and user-focused system enumeration (Seatbelt), to provide context on how defenders and researchers study post-exploitation techniques. If you’d like to learn more or discuss the research side of these topics, join our community on Discord!
Follow Us:
Discord: https://discord.gg/UnHBp9FuGK
LinkedIn: https://www.linkedin.com/company/rbtsecurity/
Twitter: https://twitter.com/RBTSecurity
Facebook: https://www.facebook.com/RBTSecur1ty/
GitHub: https://github.com/rbtsecurity/
Contact Us:
For business inquiries and collaborations, please email us at info@rbtsec.com
Educational Disclaimer:
All content is intended for educational purposes only, to promote ethical hacking and security research.
#CyberSecurity #MalwareAnalysis #APCInjection #WindowsInternals #ReverseEngineering #RedTeam #InfoSec #SecurityResearch #TechEducation #HackingExplained #RBTSecurity
Video "Evading Defender - Asynchronous Procedure Call (APC) Injection via alertable state" from the RBT Security channel
Video information
November 26, 2025, 13:46:55
00:14:58