Offensive-Panda/PEB_WALK_AND_API_OBFUSCATION_INJECTION external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Offensive-Panda/PEB_WALK_AND_API_OBFUSCATION_INJECTION

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Offensive-Panda/PEB_WALK_AND_API_OBFUSCATION_INJECTION)

Close

Offensive-Panda / PEB_WALK_AND_API_OBFUSCATION_INJECTIONView on GitHubMore

• External links
• Readme badge

This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.

☆26Jul 26, 2024Updated last year

Alternatives and similar repositories for PEB_WALK_AND_API_OBFUSCATION_INJECTION

Users that are interested in PEB_WALK_AND_API_OBFUSCATION_INJECTION are comparing it to the libraries listed below

• sergiovks / AntiVirus-Bypass-PowerShell-In-Memory-Injection

  View on GitHub
  Script made for bypassing antivirus using Powershell Injection method. Place your shellcode from msfvenom on line 15, the script can be c…
  ☆15Jun 14, 2023Updated 2 years ago
• CCob / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆16Dec 6, 2024Updated last year
• qwqdanchun / RainbowSheep

  View on GitHub
  Change hash for a signed pe
  ☆17Jul 18, 2023Updated 2 years ago
• Offensive-Panda / D3MPSEC

  View on GitHub
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆28Sep 18, 2024Updated last year
• Libraggbond / EventViewerBypassUacBof

  View on GitHub
  EventViewer Bypass Uac Bof
  ☆23Jul 23, 2022Updated 3 years ago
• safedv / GPOAnalyzer

  View on GitHub
  GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.
  ☆28Jun 14, 2024Updated last year
• DamonMohammadbagher / NativePayload_TiACBT

  View on GitHub
  NativePayload_TiACBT (Remote Thread Injection + C# Async Method + CallBack Functions Technique)
  ☆13Jun 6, 2023Updated 2 years ago
• 123ojp / VxLAN-Scanner

  View on GitHub
  This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion
  ☆28Jul 21, 2025Updated 7 months ago
• xidenlz / Screenshot-Detection-Bypass

  View on GitHub
  This repository provides a simple project demonstrating how to hook BitBlt from gdi32.dll to capture clean screenshots of game windows. B…
  ☆32Sep 26, 2024Updated last year
• Nou4r / PresentInjector

  View on GitHub
  A simple present scene, kernel allocation injector.
  ☆27Jun 12, 2022Updated 3 years ago
• alexlee820 / PatchedCLRLoader

  View on GitHub
  .NET assembly loader with patching AMSI and ETW bypass
  ☆31Apr 16, 2025Updated 10 months ago
• Octoberfest7 / lnk_generator

  View on GitHub
  Small project to facilitate creation of .lnk payloads
  ☆80Nov 18, 2022Updated 3 years ago
• 123456789zws / PJArk

  View on GitHub
  一个界面基于IMGUI的ARK，目前R3实现
  ☆13Nov 1, 2023Updated 2 years ago
• Offensive-Panda / WPM-MAJIC-ENTRY-POINT-INJECTION

  View on GitHub
  This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…
  ☆18Oct 31, 2024Updated last year
• TierZeroSecurity / killerPID-BOF

  View on GitHub
  BOF to terminate a process via PID as argument
  ☆28Sep 7, 2025Updated 5 months ago
• Sh0ckFR / API-Hashing

  View on GitHub
  A basic exemple of the API-Hashing method used by Red Teamers but also by malwares developers in C++
  ☆37Jan 10, 2024Updated 2 years ago
• myzxcg / BypassUAC-Dll

  View on GitHub
  Use COM Component Bypass UAC,Dll Version
  ☆36Apr 17, 2021Updated 4 years ago
• 0xHossam / KernelCallbackTable-Injection-PoC

  View on GitHub
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆270Oct 31, 2024Updated last year
• VoldeSec / BOF-NPPSPY

  View on GitHub
  Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…
  ☆19Apr 24, 2023Updated 2 years ago
• okankurtuluss / Invoke-Mimikatz-Bypass

  View on GitHub
  This script dynamically decodes and executes a Base64 encoded Mimikatz script, allowing users to bypass security measures and run specifi…
  ☆21Jul 9, 2024Updated last year
• slemire / bof-adopt

  View on GitHub
  BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆17Jul 22, 2022Updated 3 years ago
• SpecterOps / SCOMHound

  View on GitHub
  ☆35Dec 4, 2025Updated 2 months ago
• cpu0x00 / EternelSuspention

  View on GitHub
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Jul 12, 2024Updated last year
• stuxnet147 / luna-1

  View on GitHub
  ☆17Dec 18, 2020Updated 5 years ago
• Nuxar1 / ImportsHook

  View on GitHub
  Written in a couple hours, don't judge :)
  ☆17Jun 3, 2023Updated 2 years ago
• HoangKien1020 / Moodle_RCE

  View on GitHub
  ☆22Jun 17, 2020Updated 5 years ago
• Karkas66 / EarlyCascadeImprooved

  View on GitHub
  an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code
  ☆22Feb 20, 2025Updated last year
• Workingdaturah / BOF-Learning

  View on GitHub
  Cobalt Strike BOFS
  ☆16Dec 20, 2023Updated 2 years ago
• xpn / RandomTSScripts

  View on GitHub
  Collection of random RedTeam scripts.
  ☆211Mar 8, 2024Updated last year
• NeoMaster831 / rwDriver

  View on GitHub
  Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`
  ☆23Feb 10, 2024Updated 2 years ago
• gmh5225 / warbird-example

  View on GitHub
  ☆24Jul 15, 2023Updated 2 years ago
• Octoberfest7 / Backstab_BOF

  View on GitHub
  Beacon Object File implementation of Yaxser's Backstab
  ☆15Mar 9, 2022Updated 3 years ago
• JeremyNGalloway / WAF-bypass-fuzz-payloads

  View on GitHub
  shamelessly ripped from https://github.com/khalilbijjou/WAFNinja/
  ☆19Dec 16, 2016Updated 9 years ago
• rogxo / KernelDraw

  View on GitHub
  Use GDI in KernelMode
  ☆26Oct 1, 2022Updated 3 years ago
• djackreuter / proc_noprocdump

  View on GitHub
  Dump LSASS by spoofing command line arguments to procdump.
  ☆20Oct 21, 2024Updated last year
• rkbennett / pybof

  View on GitHub
  Python module for running BOFs
  ☆79Nov 28, 2025Updated 2 months ago
• stuxnet147 / Win-Kernel-PiDqSerializationWrite-Example

  View on GitHub
  How to use PiDqSerializationWrite. Introduces how to safely read and write from mapped driver
  ☆26May 29, 2023Updated 2 years ago
• notphage / gucci

  View on GitHub
  ☆10May 25, 2018Updated 7 years ago
• singhhdev / IOCTL-Kernel-Driver

  View on GitHub
  Kernel Driver which can be used to read guarded regions, read/write/ protect/ or allocate memory in desired process!
  ☆18Jan 8, 2026Updated last month