Process doppelganging PoC using direct system calls, PPID spoofing and Dropbox as an external delivery channel for the payload.
☆17 · Jan 7, 2021 · Updated 5 years ago
Alternatives and similar repositories for ProcessDoppelganging
Users that are interested in ProcessDoppelganging are comparing it to the libraries listed below.
- Modify data structures in the Windows kernel, hiding processes by PID ☆16 · Oct 29, 2017 · Updated 8 years ago
- TLS Examples in Schannel and IO Completion Ports ☆10 · Jun 21, 2022 · Updated 3 years ago
- Adds many features and provides options for Microsoft Copilot / Bing AI (ChatGPT v4). ☆11 · Jun 4, 2024 · Updated last year
- Monitor ETW events for Windows process mitigation policies, with stack traces ☆31 · Oct 7, 2022 · Updated 3 years ago
- A PE32/PE32+ parser written in MASM32 ☆13 · Feb 24, 2016 · Updated 10 years ago
- Module-less injection project, VS2008 ☆11 · Jul 23, 2018 · Updated 7 years ago
- WoW64 -> x64 ☆18 · Oct 1, 2016 · Updated 9 years ago
- Playing with packets in C# ☆15 · Aug 16, 2024 · Updated last year
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory. ☆17 · Sep 29, 2018 · Updated 7 years ago
- Windows PE Signature Thief in C++ ☆51 · Aug 21, 2020 · Updated 5 years ago
- Pattern Scanning Library supporting compile time patterns, both x86_64 and arm64 ☆20 · Aug 3, 2025 · Updated 8 months ago
- ☆21 · Feb 6, 2024 · Updated 2 years ago
- Notes on hooking techniques on Windows ☆15 · Jul 15, 2024 · Updated last year
- ☆15 · Dec 16, 2020 · Updated 5 years ago
- Loads shellcode from a resource file. ☆22 · Aug 15, 2019 · Updated 6 years ago
- Access windows machine remotely on HTTP ☆12 · Oct 28, 2020 · Updated 5 years ago
- Reflective DLL that hooks the creation of the UAC prompt popped by explorer.exe for privilege escalation. ☆22 · Feb 20, 2021 · Updated 5 years ago
- Simple remote administration tool. Written in C++ and MASM. ☆18 · May 16, 2018 · Updated 7 years ago
- Encrypted Shellcode Loader Generator ☆22 · Jan 29, 2019 · Updated 7 years ago
- A Lazy Programmer's Tips for Avoiding the SOC ~ BSides Belfast 2024 ☆16 · Sep 12, 2024 · Updated last year
- Cobalt Strike notifications via NTFY. ☆15 · Sep 24, 2024 · Updated last year
- Windows PE - TLS (Thread Local Storage) Injector in C/C++ ☆109 · Jan 3, 2021 · Updated 5 years ago
- Remote memory library in C++17. ☆33 · May 31, 2018 · Updated 7 years ago
- A Rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library ☆24 · Nov 13, 2025 · Updated 4 months ago
- Set the process mitigation policy for loading only Microsoft Modules, and block any userland 3rd party modules ☆43 · May 6, 2023 · Updated 2 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader. ☆31 · Nov 9, 2021 · Updated 4 years ago
- A bunch of shenanigans using functions, VEH and more ☆38 · Jun 8, 2025 · Updated 10 months ago
- Modern C++ wrapper for Windows PE signature verification mechanism ☆30 · Aug 9, 2019 · Updated 6 years ago
- A few examples of how to trap virtual memory access on Windows. ☆42 · Dec 18, 2024 · Updated last year
- The Network project is a C++ encapsulation of WinSock2 to form a lightweight network library; The Graphics project is a C++ encapsulation… ☆13 · Oct 31, 2017 · Updated 8 years ago
- This is another tool helping to generate a C file for DLL hijacking, besides AheadLib and AddExport. Besides AheadLib and AddExport, this is another way of generating DLL hijacking… ☆27 · Mar 17, 2019 · Updated 7 years ago
- Bypass AMSI and execute PowerShell scripts from C# - using CyberArk's method to bypass AMSI ☆31 · Feb 22, 2020 · Updated 6 years ago
- A tool that reads a PE file from a byte array buffer and injects it into memory. ☆29 · Aug 5, 2019 · Updated 6 years ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac… ☆274 · Oct 31, 2024 · Updated last year
- Binary dumps of World of Warcraft Classic...for educational purposes of course ☆31 · Sep 23, 2021 · Updated 4 years ago
- Simple programmatic Windows processes monitor. ☆26 · Mar 8, 2015 · Updated 11 years ago
- RunPE using Hell's Gate technique. ☆32 · Dec 4, 2020 · Updated 5 years ago
- Force delete a running .exe application file, or delete any locked file ☆74 · Mar 21, 2023 · Updated 3 years ago
- ☆80 · Aug 6, 2017 · Updated 8 years ago