In this chapter, we looked at the different code injection techniques used by malicious programs to inject and execute malicious code within the context of a legitimate process. These techniques allow an attacker to perform malicious actions and bypass various security products. Apart from executing malicious code, an attacker can hijack the API functions called by a legitimate process (using hooking) and redirect control to the malicious code to monitor, block, or even filter an API's output, thereby altering a program's behavior. In the next chapter, you will learn the various obfuscation techniques used by adversaries to remain undetected from security monitoring solutions.