/tags/process-injection/ Recent content in Process-Injection on Vanilla InfoSec Hugo -- gohugo.io en Thu, 16 Apr 2026 00:00:00 +0000 /posts/introduction-to-process-injection---a-primer-on-the-theory/ Thu, 16 Apr 2026 00:00:00 +0000 /posts/introduction-to-process-injection---a-primer-on-the-theory/ What is Process Injection? In essence, process injection involves: Inserting a block of code (usually shellcode) into the memory space of a process. Process injection is a means to an end for evading on disk detection. Instead of executing malicious code directly via a PE file or script (which could more easily be caught on disk by antivirus or EDR), the code is injected into process memory. While by no means is this a reliably stealthy on its own, it is a fundamental concept needed to be understood before developing more advanced execution workflows. /posts/remote-thread-injection---writing-a-powershell-shellcode-loader/ Thu, 16 Apr 2026 00:00:00 +0000 /posts/remote-thread-injection---writing-a-powershell-shellcode-loader/ Process Injection in Practice: PowerShell Remote Thread Injection In the previous article, we explored what exactly process injection is, why it is used, and how blue teams attempt to detect it. In this post, we move from theory into practice by walking through a real-world example of the classic Remote Thread Injection technique, implemented using PowerShell. This example is intentionally straightforward and educational. It does not attempt to evade EDR, bypass AMSI, or conceal behavior whatsoever.