Narumiii / phantommapView external linksLinks
Phantom DLL Hollowing method implemented in modmap
☆18Jun 9, 2021Updated 4 years ago
Alternatives and similar repositories for phantommap
Users that are interested in phantommap are comparing it to the libraries listed below
Sorting:
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Runpe + DInvoke + Syscall☆16Jun 18, 2021Updated 4 years ago
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆10Apr 16, 2022Updated 3 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- ☆18Aug 15, 2021Updated 4 years ago
- Find kernel32 base and API addresses. Simple C++ implementation☆24Apr 7, 2022Updated 3 years ago
- Feature complete external assistance for Dead by Daylight using a kernel mode driver.☆13Feb 2, 2022Updated 4 years ago
- ☆14Sep 2, 2021Updated 4 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- ☆32Jul 2, 2020Updated 5 years ago
- Iterate over Windows Handles��☆15Nov 18, 2025Updated 2 months ago
- A flexible tool that creates a minidump of the LSASS process☆14Jan 18, 2022Updated 4 years ago
- ☆81Dec 24, 2021Updated 4 years ago
- Headers for linking your software with ntdll.dll☆15Nov 4, 2020Updated 5 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 3 years ago
- Source code RDPUploader☆19Dec 27, 2018Updated 7 years ago
- ☆20Jul 27, 2020Updated 5 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间☆22Sep 28, 2022Updated 3 years ago
- Read my blog for more info -☆31Apr 27, 2021Updated 4 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆117Dec 26, 2021Updated 4 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆167May 27, 2021Updated 4 years ago
- Hijack Printconfig.dll to execute shellcode☆100Jan 15, 2021Updated 5 years ago
- post exploitation user monitoring tool☆20Jul 3, 2018Updated 7 years ago
- WinLogon I/O (LogonUI) Plugin for PowerRemoteDesktop☆28Feb 3, 2022Updated 4 years ago
- PhishingExploit☆24Sep 3, 2018Updated 7 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆44Jun 23, 2022Updated 3 years ago
- Thawne is a Sentinel for your Program. A trojan that Reinfects systems. It installs itself on the system it's Executed on. After which Th…☆10Oct 13, 2020Updated 5 years ago
- Shellcode异或加密工具☆12Mar 23, 2017Updated 8 years ago
- Malware development: persistence - part 1: startup folder registry keys. C++ implementation☆12Apr 21, 2022Updated 3 years ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Mar 3, 2022Updated 3 years ago
- Here i will upload every prynt stealer stub source code and you will discover that is stormkitty 0_0 (I didnt buy anything from prynt whi…☆11Jan 8, 2023Updated 3 years ago
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- 攻防清单:用于整理当前收集的所有攻防相关资源☆26Mar 22, 2019Updated 6 years ago
- 一个用于隐藏C2的、开箱即用的反向代理服务器。 旨在省去繁琐的配置Nginx服务的过程。☆45Dec 18, 2021Updated 4 years ago