Kara-4search/PEB-PPIDspoofing_Csharp external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Kara-4search/PEB-PPIDspoofing_Csharp

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Kara-4search/PEB-PPIDspoofing_Csharp)

Close

Kara-4search / PEB-PPIDspoofing_CsharpView on GitHubMore

• External links
• Readme badge

Command line & PPID spoofing

☆30Apr 15, 2023Updated 3 years ago

Alternatives and similar repositories for PEB-PPIDspoofing_Csharp

Users that are interested in PEB-PPIDspoofing_Csharp are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Kara-4search / WindowsEventLogsBypass_Csharp

  View on GitHub
  Bypass windows eventlogs & Sysmon
  ☆19Aug 24, 2021Updated 4 years ago
• Kara-4search / Simple_ShellCodeLoader_CSharp

  View on GitHub
  A Simple ShellcodeLoader
  ☆11Jun 4, 2021Updated 4 years ago
• Kara-4search / MappingInjection_CSharp

  View on GitHub
  MappingInjection via csharp
  ☆39Nov 19, 2021Updated 4 years ago
• Kara-4search / HookDetection_CSharp

  View on GitHub
  HookDetection
  ☆45Sep 3, 2021Updated 4 years ago
• Kara-4search / ProcessHollowing_CSharp

  View on GitHub
  ProcessHollowing via csharp
  ☆13Dec 21, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• Kara-4search / BypassAMSI_CSharp

  View on GitHub
  Bypass AMSI
  ☆13Aug 8, 2021Updated 4 years ago
• Kara-4search / EarlyBirdInjection_CSharp

  View on GitHub
  Inject shellcode into process via "EarlyBird"
  ☆27Aug 30, 2021Updated 4 years ago
• Kara-4search / ThreadHijacking_CSharp

  View on GitHub
  Process inject technique "Thread hijacking" via csharp
  ☆15Dec 18, 2021Updated 4 years ago
• Kara-4search / SysCall_ShellcodeLoad_Csharp

  View on GitHub
  Load shellcode via syscall
  ☆56Jul 28, 2021Updated 4 years ago
• Kara-4search / Fiber_ShellcodeExecution

  View on GitHub
  Using fibers to execute shellcode in a local process via csharp
  ☆26Jan 2, 2022Updated 4 years ago
• Kara-4search / NewNtdllBypassInlineHook_CSharp

  View on GitHub
  Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.
  ☆62Sep 6, 2021Updated 4 years ago
• Kara-4search / DInvoke_shellcodeload_CSharp

  View on GitHub
  ShellCodeLoader via DInvoke
  ☆59Jul 5, 2021Updated 4 years ago
• Kara-4search / BypassETW_CSharp

  View on GitHub
  Bypassing ETW with Csharp
  ☆27Oct 28, 2021Updated 4 years ago
• Kara-4search / HellgateLoader_CSharp

  View on GitHub
  Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
  ☆16Jan 21, 2022Updated 4 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• gam4er / SneakyRun

  View on GitHub
  Some stuff for PHD2021
  ☆14May 21, 2025Updated last year
• TraiLeR2 / CVE-2023-36168

  View on GitHub
  An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component
  ☆11Aug 5, 2023Updated 2 years ago
• passthehashbrowns / DInvokeProcessHollowing

  View on GitHub
  ☆31Aug 23, 2020Updated 5 years ago
• ramoncjs3 / DumpLsass

  View on GitHub
  使用MiniDumpWriteDump与RtlReportSilentProcessExit实现提取lsass.dmp的工具
  ☆12Dec 29, 2021Updated 4 years ago
• PorLaCola25 / PPID-Spoofing

  View on GitHub
  POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…
  ☆43Sep 23, 2021Updated 4 years ago
• WindowsGuy-code / Windows11-Kernel-Rootkit

  View on GitHub
  A Windows 11 Rootkit. (Exploit has been patched)
  ☆16Sep 7, 2025Updated 8 months ago
• thomasxm / BOAZ

  View on GitHub
  A Multilayered AV/EDR Evasion Framework and AV Testing Tool.
  ☆19Jun 28, 2025Updated 11 months ago
• CodeXTF2 / evasion-adventures-files

  View on GitHub
  Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"
  ☆31Jan 14, 2023Updated 3 years ago
• rmartinsanta / cs-dns-parser

  View on GitHub
  Cobalt Strike DNS beacon parser
  ☆11Nov 29, 2021Updated 4 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• canc3s / judas

  View on GitHub
  轻便的恶意反代
  ☆48May 29, 2021Updated 5 years ago
• elddy / Windows-NTAPI-Injector

  View on GitHub
  Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses
  ☆39Dec 9, 2020Updated 5 years ago
• NVISOsecurity / Interceptor

  View on GitHub
  Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space
  ☆135Jan 2, 2023Updated 3 years ago
• woodpecker-framework / woodpecker-bcel

  View on GitHub
  woodpecker框架专用bcel库
  ☆12Apr 30, 2021Updated 5 years ago
• M0nster3 / ITaskServers

  View on GitHub
  Bypass EDR Create TaskServers
  ☆39Dec 24, 2022Updated 3 years ago
• ahkeur / VEH2

  View on GitHub
  A Patchless AMSI Bypass Technique using VEH²
  ☆32Jun 22, 2025Updated 11 months ago
• S3cur3Th1sSh1t / SyscallAmsiScanBufferBypass

  View on GitHub
  AmsiScanBufferBypass using D/Invoke
  ☆136Jun 17, 2021Updated 4 years ago
• patrickt2017 / VEHNetLoader

  View on GitHub
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆50Jul 6, 2025Updated 10 months ago
• securifybv / Visual-Studio-BOF-template

  View on GitHub
  A Visual Studio template used to create Cobalt Strike BOFs
  ☆326Nov 17, 2021Updated 4 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• coca1ne / DLLHijack_Detecter

  View on GitHub
  分析指定应用程序的劫持DLL
  ☆14Sep 18, 2015Updated 10 years ago
• MaangoTaachyon / SelfDeletion-Updated

  View on GitHub
  Updated version of a long known self deletion technique to work with 24H2.
  ☆62Jun 9, 2025Updated 11 months ago
• mgeeky / ElusiveMice

  View on GitHub
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆488Jul 12, 2023Updated 2 years ago
• roberreigada / LsassUnhooker

  View on GitHub
  Little program written in C# to bypass EDR hooks and dump the content of the lsass process
  ☆61Jun 24, 2021Updated 4 years ago
• AuFeng111 / linux_c2

  View on GitHub
  自研的linux_c2
  ☆13Jun 28, 2023Updated 2 years ago
• BOFs / BOFs

  View on GitHub
  Beacon Object Files.
  ☆35Feb 26, 2024Updated 2 years ago
• woodpecker-framework / woodpecker-sdk

  View on GitHub
  woodpecker-framework sdk
  ☆10May 19, 2021Updated 5 years ago