Picky PPID Spoofing
Parent Process ID (PPID) Spoofing is one of the techniques employed by malware authors to blend in the target system. This is done by making the malicious process look like it was spawned by another process. This helps evade detections that are based on anomalous parent-child process relationships.
https://capt-meelo.github.io//redteam/maldev/2021/11/22/picky-ppid-spoofing.html
#pid #spoofing #redteam #maldev #malware
Parent Process ID (PPID) Spoofing is one of the techniques employed by malware authors to blend in the target system. This is done by making the malicious process look like it was spawned by another process. This helps evade detections that are based on anomalous parent-child process relationships.
https://capt-meelo.github.io//redteam/maldev/2021/11/22/picky-ppid-spoofing.html
#pid #spoofing #redteam #maldev #malware
Hack.Learn.Share
Picky PPID Spoofing
Performing PPID Spoofing by targeting a parent process with a specific integrity level.