MalwareTech / ZombifyProcess
Inject code into a legitimate process
☆141Updated 9 years ago
Related projects: ⓘ
- A process overwriting its own PEB to make an illusion that it has been loaded from a different path.☆91Updated 3 years ago
- ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…☆218Updated last year
- x64 usermode rootkit☆199Updated 6 years ago
- C++☆79Updated 8 years ago
- Recon 2015 Presentation from Alex Ionescu☆228Updated 8 years ago
- PoC designed to evade userland-hooking anti-virus.☆85Updated 5 years ago
- Process Doppelgänging☆152Updated 6 years ago
- Load a Windows Kernel Driver☆89Updated 7 years ago
- TDL4 style rootkit to spoof read/write requests to master boot record☆126Updated 6 years ago
- Process Hollowing for 32 bit and 64 bit☆78Updated 6 years ago
- A more stealthy variant of "DLL hollowing"☆335Updated 6 months ago
- Blackhat 2012 Sample Codes☆91Updated 8 years ago
- ☆119Updated this week
- Parsers for custom malware formats ("Funky malware formats")☆92Updated 2 years ago
- PE permutation library☆259Updated last year
- Reflective PE loader for DLL injection☆167Updated 6 years ago
- Collection Of Anti-Debugging Tricks☆96Updated 8 years ago
- Rovnix Bootkit☆120Updated 9 years ago
- MSI NTIOLib/WinIO Local Privilege Escalation exploit☆88Updated 7 years ago
- An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security☆315Updated 7 years ago
- Driver Initial Reconnaissance Tool☆119Updated 4 years ago
- Demos of various (also non standard) persistence methods used by malware☆216Updated last year
- Asynchronous Procedure Calls☆185Updated 3 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆165Updated 6 years ago
- Simple 32/64-bit PEs loader.☆135Updated 5 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆224Updated 4 years ago
- Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303☆106Updated 6 years ago
- ☆89Updated this week
- Analyze and attack windows applications using dll hijacking vulnerabilities☆54Updated 4 years ago
- ☆112Updated 11 years ago