Event Details

SafeBreach Delivers the Industry's First Comprehensive Guide to Windows Process Injection Techniques at Black Hat USA 2019

SafeBreach CTO and VP of Security Research to Present at Black Hat USA 2019 and DEF CON 2019

Sunnyvale, CA, July 31, 2019 -- SafeBreach Inc, vendor of the industry leading Breach and Attack Simulation platform, announced today that Itzik Kotler, Co-Founder and CTO of SafeBreach, and Amit Klein, VP of Security Research, SafeBreach, will deliver an in-depth briefing at Black Hat USA 2019 entitled, “Process Injection Techniques - Gotta Catch Them All,” on Thursday, August 8, 2019 at 11 a.m. PT in South Seas CDF. They will offer the same presentation the following day at DEF CON, on Friday, August 9, 2019 at noon PT.

In late 2018, Itzik and Amit began researching process injection in Windows, assuming there were only 6 or 7 fundamental techniques to report. Much to their surprise, the duo found over 20 techniques to date, which they extracted and analyzed.

At this session, the SafeBreach team will unveil the most comprehensive collection yet of Windows process injection techniques. They will also disclose a new technique called Stack Bomber, and release a new tool called Pinjectra that addresses all of the above threats. The briefing will focus on Windows 10 x64, and on injections from running a 64-bit medium integrity process to another running a 64-bit medium integrity process, without privilege elevation. The presentation will emphasize new Windows protection technologies, including CFG and CIG.

“The world of process injection in Windows has been relatively uncharted- until now. The research that we present at Black Hat and DEF CON contains new insights, and will support a better, broader and deeper understanding of the defense evasion techniques that exist today and how to mitigate these issues,” said Amit Klein, VP of Security Research, SafeBreach. “As leaders setting the industry standard in breach and attack simulation, we provide cutting-edge research to inform the cybersecurity industry of new attack vectors and techniques.”

For more details on the research SafeBreach is going to present please click here:


For more information about the “Process Injection Techniques - Gotta Catch Them All” presentation at Black Hat USA 2019, please visit: https://www.blackhat.com/us-19/briefings/schedule/index.html#process-injection-techniques---gotta-catch-them-all-16010

For more information about the “Process Injection Techniques - Gotta Catch Them All” presentation at DEF CON 2019, please visit: https://www.defcon.org/html/defcon-27/dc-27-speakers.html#Kotler

About SafeBreach

SafeBreach is a leader in breach and attack simulation. The company’s groundbreaking patented platform provides a “hacker's view” of an enterprise’s security posture to proactively predict attacks, validate security controls and improve security operations center (SOC) analyst response. SafeBreach automatically executes thousands of breach methods from its extensive and growing Hacker’s Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital Partners, DNX Ventures, Hewlett Packard Pathfinder, PayPal and investor Shlomo Kramer. For more information, visit www.safebreach.com or follow us on Twitter @SafeBreach.

Media Contact:

Danielle Ostrovsky

Hi-Touch PR