EvilBytecode / PPID-SpoofingLinks
Parent Process ID Spoofing, coded in CGo.
☆23Updated 5 months ago
Alternatives and similar repositories for PPID-Spoofing
Users that are interested in PPID-Spoofing are comparing it to the libraries listed below
Sorting:
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆35Updated last year
- Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…☆11Updated 5 months ago
- ☆58Updated 11 months ago
- ☆29Updated last year
- A simple rpc2socks alternative in pure Go.☆29Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆44Updated last year
- Golang Implementation of Hell's gate☆19Updated 2 years ago
- Unix Process hollowing in rust☆22Updated 9 months ago
- e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!☆25Updated last year
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆57Updated last year
- an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code☆21Updated 7 months ago
- ECC Public Key Cryptography☆38Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆38Updated 10 months ago
- ☆18Updated last year
- ☆47Updated 2 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆49Updated 2 years ago
- Dump Linux keyrings☆20Updated last year
- Remap ntdll.dll using only NTAPI functions with a suspended process☆27Updated 5 months ago
- ☆37Updated 6 months ago
- single-threaded event driven sleep obfuscation poc for linux☆35Updated 3 months ago
- ☆20Updated 5 months ago
- ☆60Updated last year
- DFSCoerce exe revisited version with custom authentication☆40Updated last year
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆15Updated last year
- A mechanism that trampoline hooks functions in x86/x64 systems.☆22Updated last year
- exfiltration/infiltration toolkit☆24Updated last year
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)☆40Updated 2 years ago
- Reproducing the SkeletonKey malware.☆11Updated last year
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago