Here are some popular methods used for process injection on the windows operating system.
- Conhost
- ExtraBytes
- PROPagate
- Service Control Handler
- Print Spooler / ALPC
- KernelCallbackTable
- CLIPBRDWNDCLASS
- WordWarping, Hyphentension, AutoCourgette, Streamception, Oleum, ListPlanting, Treepoline
- Windows Notification Facility
- Windows Sockets Helper Functions
- Multiple Provider Router (MPR) DLL and Shell Notifications
- DNS Client API
- Breaking BaDDEr
- Tooltip or Common Controls
- KnownDlls Cache Poisoning