Kara-4search/PEB-PPIDspoofing_Csharp external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Kara-4search/PEB-PPIDspoofing_Csharp

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Kara-4search/PEB-PPIDspoofing_Csharp)

Close

Kara-4search / PEB-PPIDspoofing_CsharpView on GitHubMore

• External links
• Readme badge

Command line & PPID spoofing

☆29Apr 15, 2023Updated 2 years ago

Alternatives and similar repositories for PEB-PPIDspoofing_Csharp

Users that are interested in PEB-PPIDspoofing_Csharp are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Kara-4search / WindowsEventLogsBypass_Csharp

  View on GitHub
  Bypass windows eventlogs & Sysmon
  ☆20Aug 24, 2021Updated 4 years ago
• Kara-4search / Simple_ShellCodeLoader_CSharp

  View on GitHub
  A Simple ShellcodeLoader
  ☆11Jun 4, 2021Updated 4 years ago
• Kara-4search / MappingInjection_CSharp

  View on GitHub
  MappingInjection via csharp
  ☆40Nov 19, 2021Updated 4 years ago
• Kara-4search / HookDetection_CSharp

  View on GitHub
  HookDetection
  ☆45Sep 3, 2021Updated 4 years ago
• Kara-4search / ProcessHollowing_CSharp

  View on GitHub
  ProcessHollowing via csharp
  ☆13Dec 21, 2021Updated 4 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• Kara-4search / BypassAMSI_CSharp

  View on GitHub
  Bypass AMSI
  ☆13Aug 8, 2021Updated 4 years ago
• Kara-4search / EarlyBirdInjection_CSharp

  View on GitHub
  Inject shellcode into process via "EarlyBird"
  ☆26Aug 30, 2021Updated 4 years ago
• Kara-4search / ThreadHijacking_CSharp

  View on GitHub
  Process inject technique "Thread hijacking" via csharp
  ☆15Dec 18, 2021Updated 4 years ago
• Kara-4search / SysCall_ShellcodeLoad_Csharp

  View on GitHub
  Load shellcode via syscall
  ☆56Jul 28, 2021Updated 4 years ago
• Kara-4search / Fiber_ShellcodeExecution

  View on GitHub
  Using fibers to execute shellcode in a local process via csharp
  ☆28Jan 2, 2022Updated 4 years ago
• Kara-4search / NewNtdllBypassInlineHook_CSharp

  View on GitHub
  Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.
  ☆62Sep 6, 2021Updated 4 years ago
• Kara-4search / DInvoke_shellcodeload_CSharp

  View on GitHub
  ShellCodeLoader via DInvoke
  ☆60Jul 5, 2021Updated 4 years ago
• Kara-4search / BypassETW_CSharp

  View on GitHub
  Bypassing ETW with Csharp
  ☆27Oct 28, 2021Updated 4 years ago
• Kara-4search / HellgateLoader_CSharp

  View on GitHub
  Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
  ☆18Jan 21, 2022Updated 4 years ago
• NordVPN Threat Protection Pro™ • Ad
  Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
• gam4er / SneakyRun

  View on GitHub
  Some stuff for PHD2021
  ☆14May 21, 2025Updated 10 months ago
• TraiLeR2 / CVE-2023-36168

  View on GitHub
  An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component
  ☆11Aug 5, 2023Updated 2 years ago
• passthehashbrowns / DInvokeProcessHollowing

  View on GitHub
  ☆31Aug 23, 2020Updated 5 years ago
• mrx325 / hVNC-Recoded

  View on GitHub
  Original hVNC has been recoded to work with all version of windows above XP. Thanks to the original author for this wonderful tool.
  ☆10Oct 13, 2021Updated 4 years ago
• ramoncjs3 / DumpLsass

  View on GitHub
  使用MiniDumpWriteDump与RtlReportSilentProcessExit实现提取lsass.dmp的工具
  ☆11Dec 29, 2021Updated 4 years ago
• PorLaCola25 / PPID-Spoofing

  View on GitHub
  POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…
  ☆42Sep 23, 2021Updated 4 years ago
• WindowsGuy-code / Windows11-Kernel-Rootkit

  View on GitHub
  A Windows 11 Rootkit. (Exploit has been patched)
  ☆16Sep 7, 2025Updated 6 months ago
• thomasxm / BOAZ

  View on GitHub
  A Multilayered AV/EDR Evasion Framework and AV Testing Tool.
  ☆18Jun 28, 2025Updated 9 months ago
• CodeXTF2 / evasion-adventures-files

  View on GitHub
  Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"
  ☆31Jan 14, 2023Updated 3 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• rmartinsanta / cs-dns-parser

  View on GitHub
  Cobalt Strike DNS beacon parser
  ☆11Nov 29, 2021Updated 4 years ago
• canc3s / judas

  View on GitHub
  轻便的恶意反代
  ☆48May 29, 2021Updated 4 years ago
• elddy / Windows-NTAPI-Injector

  View on GitHub
  Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses
  ☆40Dec 9, 2020Updated 5 years ago
• NVISOsecurity / Interceptor

  View on GitHub
  Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space
  ☆135Jan 2, 2023Updated 3 years ago
• woodpecker-framework / woodpecker-bcel

  View on GitHub
  woodpecker框架专用bcel库
  ☆12Apr 30, 2021Updated 4 years ago
• patrickt2017 / VEHNetLoader

  View on GitHub
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆50Jul 6, 2025Updated 8 months ago
• M0nster3 / ITaskServers

  View on GitHub
  Bypass EDR Create TaskServers
  ☆39Dec 24, 2022Updated 3 years ago
• S3cur3Th1sSh1t / SyscallAmsiScanBufferBypass

  View on GitHub
  AmsiScanBufferBypass using D/Invoke
  ☆136Jun 17, 2021Updated 4 years ago
• ahkeur / VEH2

  View on GitHub
  A Patchless AMSI Bypass Technique using VEH²
  ☆32Jun 22, 2025Updated 9 months ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• securifybv / Visual-Studio-BOF-template

  View on GitHub
  A Visual Studio template used to create Cobalt Strike BOFs
  ☆325Nov 17, 2021Updated 4 years ago
• coca1ne / DLLHijack_Detecter

  View on GitHub
  分析指定应用程序的劫持DLL
  ☆14Sep 18, 2015Updated 10 years ago
• mgeeky / ElusiveMice

  View on GitHub
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆483Jul 12, 2023Updated 2 years ago
• MaangoTaachyon / SelfDeletion-Updated

  View on GitHub
  Updated version of a long known self deletion technique to work with 24H2.
  ☆61Jun 9, 2025Updated 9 months ago
• roberreigada / LsassUnhooker

  View on GitHub
  Little program written in C# to bypass EDR hooks and dump the content of the lsass process
  ☆61Jun 24, 2021Updated 4 years ago
• AuFeng111 / linux_c2

  View on GitHub
  自研的linux_c2
  ☆13Jun 28, 2023Updated 2 years ago
• BOFs / BOFs

  View on GitHub
  Beacon Object Files.
  ☆36Feb 26, 2024Updated 2 years ago