System Binary Proxy Execution: Rundll32
In this hands-on lab, you will learn how a malicious user can obfuscate some of their payload actions through downloaded DLL files using the built-in rundll32.exe. Using rundll32, an attacker can make their activity look like a normal Windows system binary process being executed under rundll32.

Course Content
In this hands-on lab, you will learn how a malicious user can obfuscate some of their payload actions through downloaded DLL files using the built-in rundll32.exe. Using rundll32, an attacker can make their activity look like a normal Windows system binary process being executed under rundll32.