Learn the basics of process injection on Windows by doing — from enumerating processes to injecting malicious code, all with a cheeky little payload.
A syscall sends the System Service Number (SSN) to the kernel, which then uses it to look up the corresponding kernel subroutine in the System Service Dispatch Table (SSDT).
Windows consists of two modes: User mode and Kernel mode. The transition between these modes is made using the syscall instruction.