Udemy
Antivirus Evasion - Process Injection and Migration
Rating: 4.6 out of 5 (8 ratings)
1,105 students

Learn Hands-On In Cyber-Security How Red Teamers and Threat Actors (APT) Evade Security Mechanisms in the Real World
Last updated 10/2025
English

What you'll learn

  • Understanding classic process injection techniques
  • Implementing process hollowing methods
  • Unhooking antivirus hooks for evasion
  • Unhooking AV ntdll.dll using PerunsFart
  • Manipulating memory regions through section mapping
  • Hijacking thread execution via thread context manipulation
  • Executing malicious code stealthily within legitimate processes
  • Bypassing security measures and antivirus detection
  • Conducting behavioral monitoring and memory analysis
  • Utilizing advanced endpoint detection and response (EDR) systems
  • Developing defensive measures against process injection attacks
  • Analyzing real-world case studies of malware behavior
  • Gaining hands-on experience through practical labs
  • Understanding the role of process migration in malware evasion
  • Enhancing skills in both offensive and defensive cybersecurity techniques

Course content

6 sections • 20 lectures • 1h 50m total length
  • Introduction (3:02)

    All TCG Security Academy courses that aren't on this platform are on their domain, which has a lot of benefits and other cybersecurity courses. Just visit the platform - www.tcg-sec.org

  • What is Process Injection & Migration (1:23)


Requirements

  • A computer with 8 GB of RAM to support 2 VMs running at the same time
  • Basic understanding of operating systems
  • Strong will to learn & creative mindset
  • If you like hands-on learning, this is the course for you; we do hands-on work here

Description

This course provides a comprehensive study of process injection and process migration techniques, essential for understanding advanced malware behavior and penetration testing. Participants will explore how attackers use these techniques to execute malicious code, bypass security measures, and evade detection.


The course covers a range of key techniques, including Classic Process Injection, Process Hollowing, Unhooking AV Hooks, and Unhooking AV ntdll.dll using PerunsFart. These methods allow attackers to stealthily manipulate and hijack legitimate processes. Students will also learn advanced concepts such as Section Mapping, where memory regions are manipulated for stealthy code execution, and Thread Context manipulation to hijack thread execution.


Additionally, participants will explore Asynchronous Procedure Calls (APCs), which allow attackers to queue code execution within a target process, adding to their toolkit of stealth techniques. Emphasis will be placed on understanding how these techniques are used in real-world attacks and how defenders can detect and mitigate them.


Through hands-on labs and case studies, students will gain practical experience in both the offensive use of these techniques and defensive measures, such as behavioral monitoring and memory analysis. The course will also explore detection strategies using modern tools and methodologies like advanced endpoint detection and response (EDR) systems.


By the end, participants will have a deep understanding of process injection and migration, equipping them to defend against these sophisticated attack methods.

Prerequisites: Basic knowledge of operating systems, programming, and cybersecurity fundamentals.

Who this course is for:

  • Red Teamers - Leveling up their skills in the world of compromising systems & evading security mechanisms
  • Blue Teamers - Learn how threat actors work and move in the wild, so they can defend better, protect their systems and educate their fellow workers for better security
  • Anyone - Of course, anyone in the cyber security field who just wants to learn or know how threat actors act in the wild