ProcessHollowing via csharp
☆13 · Dec 21, 2021 · Updated 4 years ago
Alternatives and similar repositories for ProcessHollowing_CSharp
Users that are interested in ProcessHollowing_CSharp are comparing it to the libraries listed below
- Process inject technique "Thread hijacking" via csharp ☆15 · Dec 18, 2021 · Updated 4 years ago
- Bypass AMSI ☆13 · Aug 8, 2021 · Updated 4 years ago
- Bypassing ETW with Csharp ☆27 · Oct 28, 2021 · Updated 4 years ago
- A Simple ShellcodeLoader ☆11 · Jun 4, 2021 · Updated 4 years ago
- Using fibers to execute shellcode in a local process via csharp ☆28 · Jan 2, 2022 · Updated 4 years ago
- MappingInjection via csharp ☆40 · Nov 19, 2021 · Updated 4 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose. ☆18 · Jan 21, 2022 · Updated 4 years ago
- Inject shellcode into process via "EarlyBird" ☆26 · Aug 30, 2021 · Updated 4 years ago
- Bypass windows eventlogs & Sysmon ☆20 · Aug 24, 2021 · Updated 4 years ago
- Command line & PPID spoofing ☆29 · Apr 15, 2023 · Updated 2 years ago
- Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook. ☆62 · Sep 6, 2021 · Updated 4 years ago
- Silent Cleanup UAC Bypass POC ☆11 · Dec 15, 2019 · Updated 6 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon ☆10 · Nov 19, 2020 · Updated 5 years ago
- Load shellcode via syscall ☆56 · Jul 28, 2021 · Updated 4 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit) ☆16 · Sep 4, 2020 · Updated 5 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable. ☆17 · Jul 2, 2021 · Updated 4 years ago
- ☆16 · Sep 23, 2021 · Updated 4 years ago
- Reflective DLL injection Execution ☆20 · Sep 9, 2022 · Updated 3 years ago
- ☆18 · Aug 19, 2021 · Updated 4 years ago
- List of Bloodhound Python Custom Queries which I have found to be handy on engagements ☆17 · Sep 18, 2019 · Updated 6 years ago
- Simple shellcode obfuscator using PYTHON and C / C++ ☆74 · Jun 17, 2020 · Updated 5 years ago
- HookDetection ☆45 · Sep 3, 2021 · Updated 4 years ago
- ☆25 · Jul 7, 2022 · Updated 3 years ago
- A tool to create COM class/interface relationships in neo4j ☆50 · Oct 12, 2022 · Updated 3 years ago
- ☆22 · Jul 29, 2021 · Updated 4 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv. ☆22 · Apr 13, 2018 · Updated 7 years ago
- Firebase Domain Front Code ☆21 · May 4, 2021 · Updated 4 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu… ☆25 · Mar 26, 2020 · Updated 5 years ago
- Tomcat backdoor based on CS blog ☆29 · Jun 30, 2023 · Updated 2 years ago
- An implementation and proof-of-concept of Process Forking. ☆230 · Nov 29, 2021 · Updated 4 years ago
- ShellCodeLoader via DInvoke ☆60 · Jul 5, 2021 · Updated 4 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original… ☆97 · Sep 26, 2019 · Updated 6 years ago
- ☆31 · Aug 23, 2020 · Updated 5 years ago
- D/Invoke port of UrbanBishop ☆30 · Dec 13, 2020 · Updated 5 years ago
- Tiny driver patch to allow kernel callbacks to work on Win10 21h1 ☆34 · Feb 7, 2022 · Updated 4 years ago
- CallBack-Techniques for Shellcode execution ported to Nim ☆62 · Mar 19, 2021 · Updated 4 years ago
- Implementation of SpoolSample without rDLL ☆29 · Sep 28, 2020 · Updated 5 years ago
- ☆30 · Aug 24, 2025 · Updated 6 months ago
- Fork & modify of Wireguard's Memmod ☆33 · Aug 2, 2023 · Updated 2 years ago