BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.securityfest.com//2026//speaker//JGKMUG
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-2026-CJXNTP@cfp.securityfest.com
DTSTART;TZID=CET:20260529T103000
DTEND;TZID=CET:20260529T111000
DESCRIPTION:Process injection on Linux is often treated as a solved problem
 . Yet\, many modern tools remain architecture-locked or are easily flagged
  by basic heuristic analysis. This session introduces Aether\, a Linux pro
 cess injection framework designed for today’s landscape. We will deep-di
 ve into the technical hurdles of building a tool that handles both 32-bit 
 and 64-bit processes seamlessly. Aether utilizes ptrace for attachment and
  PLT (Procedure Linkage Table) hooking for precise function interception.\
 nThe talk goes beyond the basics by exploring a "Polyglot" approach to off
 ensive tooling. We will demonstrate how wrapping a performance-heavy C/C++
  injection core within a Rust-based FFI (Foreign Function Interface) tunne
 l creates a "safe" but powerful parasite. This hybrid architecture increas
 es exploit stability. It also complicates the work of reverse engineers by
  fragmenting the call stack across language boundaries. Attendees will wal
 k away with a functional understanding of Linux runtime code modification\
 , the state of modern PLT hooking\, and a roadmap for "oxidizing" legacy C
 ++ tools to stay ahead of evolving detection engines.
DTSTAMP:20260625T172855Z
LOCATION:Main Stage
SUMMARY:Aether: Engineering a Cross - Architecture Linux Process Injector -
  Lora
URL:https://cfp.securityfest.com/2026/talk/CJXNTP/
END:VEVENT
END:VCALENDAR