EgeBalci / MapPELinks
PE file mapping and manipulation package.
☆36Updated 3 years ago
Alternatives and similar repositories for MapPE
Users that are interested in MapPE are comparing it to the libraries listed below
Sorting:
- Basic multi platform meterpreter loader module.☆15Updated 5 years ago
- Assembly block for hooking windows API functions.☆93Updated 6 years ago
- Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.☆77Updated 2 years ago
- Some simple process injection techniques targeting the Windows platform☆31Updated 5 years ago
- A better alternative to RunDLL32☆33Updated 6 years ago
- An example of how to spawn a process with a spoofed parent PID (Visual C++)☆29Updated 6 years ago
- A kernel mode Windows rootkit in development.☆49Updated 3 years ago
- ☆92Updated 4 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆32Updated 10 years ago
- WORK IN PROGRESS. RAT written in C++ using Win32 API☆20Updated 6 years ago
- Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers☆18Updated 4 years ago
- Encrypted Shellcode Loader Generator☆22Updated 6 years ago
- An example of PE hollowing injection technique☆25Updated 6 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆40Updated 4 years ago
- Shellcode to load an appended Dll☆89Updated 4 years ago
- Shellcode Loader Engine for Windows☆25Updated 8 years ago
- ☆45Updated 7 years ago
- A quick tool for hiding a new process running shellcode.☆57Updated 5 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104Updated 5 years ago
- Windows (ShadowMove) Socket Duplication☆87Updated 5 years ago
- ☆64Updated 2 years ago
- PoC designed to evade userland-hooking anti-virus.☆90Updated 6 years ago
- GUI Application in C# to run and disassemble shellcode☆36Updated 8 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆69Updated 6 years ago
- Small tool to load shellcodes or PEs to analyze them☆83Updated 7 years ago
- ☆50Updated 5 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Updated 3 years ago
- This is a project to receive Base64 data and decode it in process☆15Updated 5 years ago
- PoC for DEF CON 26: Playing Malware Injection with Exploit thoughts☆25Updated 7 years ago
- A reduced functionality cli client for the imdisk ram disk driver. To be used through a backdoor like meterpreter☆24Updated 7 years ago