NATsCodes/ProcessHollowing external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

NATsCodes/ProcessHollowing

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/NATsCodes/ProcessHollowing)

Close

NATsCodes / ProcessHollowingView on GitHubMore

• External links
• Readme badge

Process Hollowing POC in CPP

☆19Oct 29, 2020Updated 5 years ago

Alternatives and similar repositories for ProcessHollowing

Users that are interested in ProcessHollowing are comparing it to the libraries listed below

• 1M50RRY / runpe-native-loader

  View on GitHub
  Loader and RunPE file executer
  ☆18Jun 12, 2019Updated 6 years ago
• avarenina / Windows-PE-Injection

  View on GitHub
  PE Injection with ring3 hook bypass
  ☆10May 3, 2021Updated 4 years ago
• ExpLife0011 / KernelModeMonitor

  View on GitHub
  Kernel-Mode driver and User-Mode application communication project
  ☆12Jun 24, 2018Updated 7 years ago
• kasif-dekel / OSR_DeviceTree_Vuln

  View on GitHub
  ☆13Jan 12, 2022Updated 4 years ago
• nqntmqmqmb / xorPacker

  View on GitHub
  A simple packer working with all PE files which cipher your exe with a XOR implementation
  ☆15Aug 10, 2020Updated 5 years ago
• d35ha / DumpPE

  View on GitHub
  Dump mapped PE files from memory to the disk
  ☆20Jun 28, 2019Updated 6 years ago
• TheLartians / StaticHash

  View on GitHub
  Constexpr hash functions for C++
  ☆19May 29, 2020Updated 5 years ago
• levanvn / PE_Packer

  View on GitHub
  Simple Packer PE File
  ☆16Mar 8, 2019Updated 6 years ago
• aaaddress1 / Lexa

  View on GitHub
  Windows Application Loader Running *.Exe files in Memory against Scrylla
  ☆21Dec 20, 2019Updated 6 years ago
• d35ha / RunPE

  View on GitHub
  An example of PE hollowing injection technique
  ☆25Jun 28, 2019Updated 6 years ago
• ch4ncellor / Inline-PatchFinder

  View on GitHub
  comparing data of module exports from disk and memory, then caching any differences.
  ☆26Dec 11, 2021Updated 4 years ago
• owerosu / packerPE32

  View on GitHub
  Simple PE packer with RtlCompressBuffer
  ☆21Sep 20, 2015Updated 10 years ago
• 0x25bit / darkRat_HVNC

  View on GitHub
  DarkRats Standalone HVNC
  ☆25May 20, 2022Updated 3 years ago
• Allevon412 / BreadBear

  View on GitHub
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆31Feb 26, 2024Updated 2 years ago
• ghzcrlvct / Adrena

  View on GitHub
  Software Protector
  ☆19Aug 16, 2020Updated 5 years ago
• ioncodes / pooldump

  View on GitHub
  ☆31Jan 12, 2022Updated 4 years ago
• APTortellini / DefenderSwitch

  View on GitHub
  Stop Windows Defender using the Win32 API
  ☆192Feb 2, 2022Updated 4 years ago
• lennyRBLX / manual_exception_handling

  View on GitHub
  Handling C++ & __try exceptions without the need of built-in handlers.
  ☆77Aug 28, 2021Updated 4 years ago
• ajkhoury / pubg_internal

  View on GitHub
  ☆31Oct 1, 2021Updated 4 years ago
• TaszkSecLabs / presentations

  View on GitHub
  ☆31Oct 13, 2025Updated 4 months ago
• jnastarot / cleancall

  View on GitHub
  Library for using direct system calls
  ☆35Jan 30, 2025Updated last year
• SamLarenN / PSC-Engine

  View on GitHub
  Polymorphic Stub Creator
  ☆34Jun 11, 2017Updated 8 years ago
• EgeBalci / MapPE

  View on GitHub
  PE file mapping and manipulation package.
  ☆36May 6, 2022Updated 3 years ago
• lucataco / cog-OmniParser-v2

  View on GitHub
  Cog wrapper for microsoft/OmniParser-v2
  ☆12Feb 25, 2025Updated last year
• 474172261 / slides

  View on GitHub
  Collection of slides
  ☆33Aug 20, 2025Updated 6 months ago
• adspro15 / DirectInput

  View on GitHub
  Simulate SendInput with ClassService
  ☆35Sep 5, 2018Updated 7 years ago
• uknowsec / ReflectiveDLLInjection-Notes

  View on GitHub
  ReflectiveDLL学习代码
  ☆35Jul 12, 2020Updated 5 years ago
• RonF98 / CVE-2024-43451-POC

  View on GitHub
  CVE-2024-43451 is a Windows NTLM vulnerability that allows an attacker to force authentication and capture NTLM hashes by using malicious…
  ☆15Jan 21, 2025Updated last year
• fMeow / silabs_usb_xpress

  View on GitHub
  A rust Implementation of the SiLabs USBXpress Driver using LibUSB
  ☆10May 1, 2021Updated 4 years ago
• rising-anti-malware-team / lame

  View on GitHub
  ☆12May 30, 2019Updated 6 years ago
• somma / bob_dbg

  View on GitHub
  ☆10Aug 26, 2016Updated 9 years ago
• jesec / android_kernel_samsung_universal8895

  View on GitHub
  ☆10Jul 30, 2017Updated 8 years ago
• reznok / MemoryLoader

  View on GitHub
  A .NET binary loader that bypasses AMSI
  ☆45Sep 20, 2021Updated 4 years ago
• DFRWS-memory-subversion / DFRWS-USA-2020

  View on GitHub
  ☆12Feb 8, 2021Updated 5 years ago
• OE4T / tegra-eeprom-tool

  View on GitHub
  Tools for reading and writing identification EEPROMs on NVIDIA Jetson platforms.
  ☆16Sep 26, 2025Updated 5 months ago
• ybouhjira / hostapd-configuration

  View on GitHub
  Connecting to WIFI and sharing on the same NIC using hostapd & wpa_supplicant
  ☆12Sep 7, 2014Updated 11 years ago
• Paskowsky / DreamProtectorFree

  View on GitHub
  Simple protector to show how to run a payload without dropping it using RunPE Technique
  ☆35Jul 3, 2017Updated 8 years ago
• malminhas / raspberrypi-pico

  View on GitHub
  Hacking about with the Raspberry Pi Pico
  ☆11Jan 3, 2022Updated 4 years ago
• wavescholar / CxImageVS2010

  View on GitHub
  Port of CXImage to Visual Studio 2010
  ☆11Apr 13, 2014Updated 11 years ago