Process doppelganging POC using direct system calls, PPID spoofing and dropbox as an external delivery channel for the payload.
☆16Jan 7, 2021Updated 5 years ago
Alternatives and similar repositories for ProcessDoppelganging
Users that are interested in ProcessDoppelganging are comparing it to the libraries listed below
Sorting:
- Modify data structures in the Windows kernel, hiding processes by PID☆16Oct 29, 2017Updated 8 years ago
- TLS Examples in Schannel and IO Completion Ports☆10Jun 21, 2022Updated 3 years ago
- 无模块注入工程 VS2008☆11Jul 23, 2018Updated 7 years ago
- WoW64 -> x64☆18Oct 1, 2016Updated 9 years ago
- Access windows machine remotely on HTTP☆12Oct 28, 2020Updated 5 years ago
- ☆15Dec 16, 2020Updated 5 years ago
- Windows PE Signature Thief in C++☆51Aug 21, 2020Updated 5 years ago
- Reflective DLL that hooks the creation of the UAC prompt popped by explorer.exe for privilege escalation.☆22Feb 20, 2021Updated 5 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- Simple remote administration tool. Written in c++ and MASM.☆18May 16, 2018Updated 7 years ago
- Loads shellcode from a resource file.☆22Aug 15, 2019Updated 6 years ago
- Encrypted Shellcode Loader Generator☆22Jan 29, 2019Updated 7 years ago
- A tool that reads a PE file from a byte array buffer and injects it into memory.☆28Aug 5, 2019Updated 6 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆108Jan 3, 2021Updated 5 years ago
- ☆25Mar 3, 2019Updated 6 years ago
- ☆23Jan 6, 2020Updated 6 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- Remote memory library in C++17.☆34May 31, 2018Updated 7 years ago
- C++ POC Tool to inject process and RIP functions using NT SYSCALLS☆24Nov 4, 2017Updated 8 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- force delete runing .exe application file.or delete any locked file☆74Mar 21, 2023Updated 2 years ago
- Kernel mode to user mode dll injection.☆14Nov 10, 2024Updated last year
- This is another tool helping to generate c file for dll hijack, besides AheadLib and AddExport. 这是 AheadLib 和 AddExport 之外的,另一种生成 DLL 劫持…☆27Mar 17, 2019Updated 6 years ago
- ☆10Feb 23, 2026Updated last week
- For Example. See Miro's Blog☆30Nov 26, 2022Updated 3 years ago
- RunPE using Hell's Gate technique.☆32Dec 4, 2020Updated 5 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆31Feb 22, 2020Updated 6 years ago
- A collection of Anti-RE & Anti-Dump methods☆28Jan 5, 2021Updated 5 years ago
- ☆79Aug 6, 2017Updated 8 years ago
- Purple-team telemetry & simulation toolkit.☆108Dec 16, 2025Updated 2 months ago
- ☆32Jul 2, 2020Updated 5 years ago
- use at your own risk☆37Nov 23, 2019Updated 6 years ago
- Google Cast protocol v2 implementation for Sming allowing you to control your smart TV or cast device from a microcontroller.☆10Feb 13, 2026Updated 2 weeks ago
- The Network project is a C++ encapsulation of WinSock2 to form a lightweight network library; The Graphics project is a C++ encapsulation…☆13Oct 31, 2017Updated 8 years ago
- A Repository for Miscellaneous Scripts☆11Jul 18, 2014Updated 11 years ago
- Returns a HTTP proxy server from a SOCKS5 proxy like Tor☆10Aug 4, 2018Updated 7 years ago
- Windows日志清除工具☆10Apr 3, 2023Updated 2 years ago
- Queries from the blog posts.☆15Oct 6, 2024Updated last year
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆39Nov 20, 2015Updated 10 years ago