I decided to try Python for desktop development and came across such a concept as DLL injection. I also have a repository with which you can inject any Python code into an executable Python process with Process Hacker 2.
Hence the question, how can you protect yourself? Could you give any specific guidelines for this? Can you consider some specific examples of protection against DLL injections for Python.
Interesting attack. I think it’s one of those where if the attacker can get the target (you) to run their code that gets their payload .dll or .so on to your system, their code can already do much worse. You’re already pwned.
So the mitigation is the same as for many other attacks - pay attention to your operating system’s security warnings, run programs with least privilege (i.e. not as admin or root, if possible) and don’t run binaries or Python code from untrustworthy sources, especially from cracked games, or random people on discord.
If these suspect programs and code must be investigated, then look into the tools security investigators use - some sort of secure isolated environment is needed to run it in.