Herpaderping – Process Herpaderping Bypasses Security Products By Obscuring The Intentions Of A Process

Process Herpaderping is a method of obscuring the intentions of a process by modifying the content on disk after the image has been mapped. This results in curious behavior by security products and the OS itself.

Summary

Generally, a security product takes action on process creation by registering a callback in the Windows Kernel