Questions tagged [process]

76 questions
0
votes
1 answer

Is it possible to extract encryption keys from software executing on your own system?

I'm a newbie in this field so forgive me in advance if this question is stupid in any way. Say we have a software that is executing on our system and encrypting files using a secret key that is not known to us. Is it possible to somehow gain access…
Ayush
  • 3
  • 1
0
votes
3 answers

Does a compromised device always show an alien process running?

If I check the processes that are running in the Task Manager and find that only the usual processes run every time I restart my PC, can I assume that my device is not compromised? In other words, does a compromised device always show an alien process…
Jay Shah
  • 339
  • 2
  • 4
  • 10
0
votes
2 answers

How to dump the memory of a given process with Volatility 3?

It seems that the options of volatility have changed. How can I extract the memory of a process with volatility 3? The "old way" does not seem to work: If desired, the plugin can be used to dump contents of process memory. vol.py -f [image]…
Soleil
  • 111
  • 1
  • 5
0
votes
0 answers

Securely execute child process on embedded Linux

Background: I have an embedded Linux device and need to invoke a subprocess. I try to avoid it but sometimes it's the most practical thing to do, e.g. calling networking commands like ip, networkmanager or doing data processing using a proprietary…
0
votes
1 answer

What is the best way to restrict /proc fs from malicious users (linux)?

I am trying to make a restriction to procfs like only certain groups of members can perform read and write actions. The kernel document says we can do that by setting hidepid and gid in /etc/fstab. It will restrict the malicious user from making read…
0
votes
2 answers

Prevent a process from reading my process list

I'm using an app right now that for some reason reads all my processes. Is there a way for me to prevent this from happening? Or maybe hide 2-3 processes I have? I'm using Windows 10 64 bits. Thanks in advance. (I post this in security because it is…
Kyuuri
  • 15
  • 1
  • 4
0
votes
2 answers

How to hide a process in Windows?

Is there a way to make a process hidden without using any Administrator-level privileges? I am building an antivirus which I want to protect from malware's actions, such as ending the process, or even detecting it. BTW, the targeted operating…
user96931
  • 103
  • 4
0
votes
0 answers

Threat Hunting Observations: Basic Scoring Jupyter Notebook for Running processes on Windows Operating Systems

I am trying to create a scoring Jupyter Notebook created for Windows Processes and I was wondering about what information would I exactly need to generate a basic Score for each process running on a Windows Machine. For the information retrieval I…
Hilo21
  • 33
  • 3
0
votes
2 answers

Find the process that queries a malicious domain every 2 minutes

I found suspicious traffic in a client a few days ago. A process in the client queries a malicious domain every 2 minutes. The domain is hostingcloud.science that hosts a javascript file for coin mining. I checked the client with procmon and found…
Giac
  • 175
  • 1
  • 6
0
votes
2 answers

How can pentest reports contribute to structural solutions for vulnerabilities?

When you do a pentest what is your recommendation to the client on how to handle/interpret the report? What I frequently see is that identified issues - especially issues related to self developed software - are not fixed properly. The easiest…
pinas
  • 161
  • 8
0
votes
3 answers

IT Security Process Vs People

In IT Security, it is claimed that good security practice is made up of technology, process and people. But how do you dis-entangle "Process" from "People" because people implement the process?
daikin
  • 999
  • 1
  • 6
  • 8
0
votes
0 answers

Credentials visible to ps (process analyzer)

I use the pass password manager on linux. I can use it to script shell commands that involve credentials without those creds showing up in my command-line history, e.g. foo-cli --password=$(pass show foo) The actual password won't show up in…
ivan
  • 163
  • 5
0
votes
1 answer

Modeling a per-process file based encryption for linux

I’m trying to model & implement a transparent file-based per-process encryption solution for linux. I want each process have its own files encrypted. I want to block firefox from reading my gpg private key for example (let’s say my priv key is not…
dzervas
  • 332
  • 2
  • 11
0
votes
1 answer

Chrome Process shelljacket

Noticed today this process running on google chrome task manager referencing http://shelljacket.us If I close it, it will restart automatically in a few seconds. Can anyone confirm if this is safe? How can I get rid of it?
tirso
  • 3
  • 3
0
votes
2 answers

Prevent Process Hijacking and injection?

How do you prevent Process Hijacking and escalation? On Windows? Are there any proactive ways to prevent DLL injections and Privilege escalation? I know things like Virus Protection and Setting GPOs are great but are there any other proactive…
Sam Arnold
  • 105
  • 7