Detecting Reflective Injection presented at DEF CON 20

by Andrew King,

Tags: Security

Summary : This talk will focus on detecting reflective injection
with some mildly humorous notes and bypassing
said protections until vendors start actually
working on this problem. It seems amazing that
reflective injection still works. Why is that? Because
programmers are lazy. They dont want to write
new engines, they want to write definitions for an
engine that already exists. So what do we do about
it? Release a $5 tool that does what $50 AV has
failed epically at for several years now...oh and it
took me a week or so...Alternately, you could license
it to vendors since their programmers are lazy.