Process Argument Spoofing (2)

Source provenance. Raw material catalogued for the wiki ingest pipeline. Lives offline at raw_sources/offensive-security/Process Argument Spoofing (2).md.

Status: catalogued

Excerpt

Module 49 - Process Argument Spoofing (2) In the previous module, Procmon was tricked into logging the dummy command line arguments. However, the same technique does not work as well against some tools such as Process Hacker. The image below shows the result of argument spoofing in Process Hacker. The legitimate arguments are b…

Likely wiki targets

Pending — this source has not yet been distilled into wiki pages. Future ingest can populate links to the concept / technique / CVE pages this material would inform.