Hagrid29/herpaderply_hollowing external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Hagrid29/herpaderply_hollowing

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Hagrid29/herpaderply_hollowing)

Close

Hagrid29 / herpaderply_hollowingView on GitHubMore

• External links
• Readme badge

Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping

☆69Oct 9, 2022Updated 3 years ago

Alternatives and similar repositories for herpaderply_hollowing

Users that are interested in herpaderply_hollowing are comparing it to the libraries listed below

• hasherezade / transacted_hollowing

  View on GitHub
  Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
  ☆581Mar 8, 2024Updated 2 years ago
• mgeeky / PEInfo

  View on GitHub
  Another Portable Executable files analysing stuff
  ☆21May 28, 2011Updated 14 years ago
• Kara-4search / WindowsEventLogsBypass_Csharp

  View on GitHub
  Bypass windows eventlogs & Sysmon
  ☆20Aug 24, 2021Updated 4 years ago
• ProcessusT / UnhookingDLL

  View on GitHub
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆72Feb 11, 2024Updated 2 years ago
• hackerhouse-opensource / envschtasksuacbypass

  View on GitHub
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆58Feb 2, 2026Updated last month
• EvanMcBroom / perfect-loader

  View on GitHub
  Load a dynamic library from memory by modifying the native Windows loader
  ☆286Jun 18, 2025Updated 9 months ago
• Hagrid29 / PELoader

  View on GitHub
  PE loader with various shellcode injection techniques
  ☆449Oct 17, 2022Updated 3 years ago
• MrAle98 / Sliver-PortBender

  View on GitHub
  Sliver extension performing TCP redirection tasks without performing cross-process injection.
  ☆68Jan 14, 2025Updated last year
• Maldev-Academy / HellHall

  View on GitHub
  Performing Indirect Clean Syscalls
  ☆605Apr 19, 2023Updated 2 years ago
• hasherezade / process_doppelganging

  View on GitHub
  My implementation of enSilo's Process Doppelganging (PE injection technique)
  ☆640Aug 30, 2022Updated 3 years ago
• rad9800 / hwbp4mw

  View on GitHub
  ☆275Jan 14, 2023Updated 3 years ago
• alfarom256 / MCP-PoC

  View on GitHub
  Minifilter Callback Patching Proof-of-Concept
  ☆74Oct 31, 2022Updated 3 years ago
• ambray / DotNetReflectiveLoading

  View on GitHub
  ☆34Apr 5, 2017Updated 8 years ago
• zimnyaa / insomnia

  View on GitHub
  a stage1 DLL loader with sleep obfuscation
  ☆36Dec 27, 2022Updated 3 years ago
• icyguider / LatLoader

  View on GitHub
  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
  ☆309Dec 9, 2023Updated 2 years ago
• NotoriousRebel / ConfigPersist

  View on GitHub
  Modifies machine.config for persistence after installing signed .net assembly onto GAC
  ☆13Mar 17, 2022Updated 4 years ago
• Idov31 / NidhoggCSharpApi

  View on GitHub
  C# API for Nidhogg rootkit
  ☆21Apr 25, 2024Updated last year
• knightswd / WindowsHackCode

  View on GitHub
  Code with Windows Hacker
  ☆12Oct 14, 2022Updated 3 years ago
• hasherezade / process_overwriting

  View on GitHub
  Yet another variant of Process Hollowing
  ☆460Jul 31, 2025Updated 7 months ago
• hasherezade / process_ghosting

  View on GitHub
  Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…
  ☆686Mar 11, 2024Updated 2 years ago
• GetRektBoy724 / DCMB

  View on GitHub
  Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
  ☆251Jul 9, 2024Updated last year
• WithSecureLabs / TickTock

  View on GitHub
  ☆113Oct 10, 2022Updated 3 years ago
• BOFs / BOFs

  View on GitHub
  Beacon Object Files.
  ☆36Feb 26, 2024Updated 2 years ago
• EvilBytecode / Evilbytecode-Gate

  View on GitHub
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆26Apr 21, 2025Updated 10 months ago
• hackerhouse-opensource / ColorDataProxyUACBypass

  View on GitHub
  Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…
  ☆143Feb 2, 2026Updated last month
• Cobalt-Strike / CallStackMasker

  View on GitHub
  A PoC implementation for dynamically masking call stacks with timers.
  ☆309Feb 13, 2023Updated 3 years ago
• lawiet47 / STFUEDR

  View on GitHub
  Silence EDRs by removing kernel callbacks
  ☆239Dec 7, 2020Updated 5 years ago
• paranoidninja / Proxy-Function-Calls-For-ETwTI

  View on GitHub
  The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/
  ☆210Jan 29, 2023Updated 3 years ago
• gabriellandau / CISpotter

  View on GitHub
  Code Integrity Violation Spotter
  ☆17Jun 11, 2024Updated last year
• VoldeSec / PatchlessInlineExecute-Assembly

  View on GitHub
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆277Apr 17, 2023Updated 2 years ago
• Octoberfest7 / BeatRev

  View on GitHub
  POC for frustrating/defeating Malware Analysts
  ☆156Jun 12, 2022Updated 3 years ago
• Cracked5pider / kaine-assembly

  View on GitHub
  a demo module for the kaine agent to execute and inject assembly modules
  ☆41Aug 28, 2024Updated last year
• pwardle / ReflectiveLoader

  View on GitHub
  A Reflective Loader for macOS
  ☆148Jul 20, 2025Updated 7 months ago
• susMdT / LoudSunRun

  View on GitHub
  Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
  ☆267Oct 16, 2024Updated last year
• TheKevinWang / HellsRunPE

  View on GitHub
  RunPE using Hell's Gate technique.
  ☆32Dec 4, 2020Updated 5 years ago
• XaFF-XaFF / Kernel-Process-Hollowing

  View on GitHub
  Windows x64 kernel mode rootkit process hollowing POC.
  ☆190Jun 30, 2023Updated 2 years ago
• kyleavery / pendulum

  View on GitHub
  Linux Sleep Obfuscation
  ☆112Jan 7, 2024Updated 2 years ago
• dmcxblue / NiceDayPhishing

  View on GitHub
  ☆19Nov 28, 2024Updated last year
• hackerhouse-opensource / MsSettingsDelegateExecute

  View on GitHub
  Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.
  ☆83Feb 2, 2026Updated last month