NATsCodes / ProcessHollowingLinks
Process Hollowing POC in CPP
☆18Updated 4 years ago
Alternatives and similar repositories for ProcessHollowing
Users that are interested in ProcessHollowing are comparing it to the libraries listed below
Sorting:
- ☆36Updated 3 years ago
- ☆70Updated 6 months ago
- ☆63Updated 2 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆88Updated 2 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆113Updated 4 years ago
- Process Injection: APC Injection☆33Updated 4 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆63Updated 2 years ago
- Clone running process with ZwCreateProcess☆58Updated 4 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆56Updated 2 years ago
- ☆83Updated 11 months ago
- ☆21Updated 4 years ago
- ☆39Updated 2 years ago
- ☆15Updated 4 years ago
- Six cases demonstrating methods of optimizing GetProcAddress☆17Updated 3 years ago
- Collection of shellcode injection and execution techniques☆17Updated 4 years ago
- ☆39Updated 4 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 3 years ago
- Bypass UAC at any level by abusing the Task Scheduler and environment variables☆31Updated 4 years ago
- Antivirus killer using ring-0 kernel driver. Antivirus processes will automatically close while the killer is running.☆6Updated 2 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆35Updated 3 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆39Updated 4 years ago
- A PoC tool for exploiting leaked process and thread handles☆32Updated last year
- Listing UDP connections with remote address without sniffing.☆29Updated last year
- Enabled / Disable LSA Protection via BYOVD☆73Updated 3 years ago
- ☆114Updated 3 years ago
- Piece of code to detect and remove hooks in IAT☆64Updated 3 years ago
- ☆62Updated 3 years ago
- Windows process injection methods☆18Updated 5 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆41Updated 3 years ago