SecurityTimes / Process-InjectionLinks
☆12Updated 5 years ago
Alternatives and similar repositories for Process-Injection
Users that are interested in Process-Injection are comparing it to the libraries listed below
Sorting:
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆91Updated 2 years ago
- A small PoC that creates processes in Windows☆186Updated last year
- Enabled / Disable LSA Protection via BYOVD☆81Updated 4 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…☆63Updated last year
- Patch AMSI and ETW in remote process via direct syscall☆83Updated 3 years ago
- Files for http://blog.deniable.org/posts/windows-callbacks/☆77Updated 3 years ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆140Updated 3 years ago
- Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemo…☆128Updated 4 years ago
- The code is a pingback to the Dark Vortex blog:☆187Updated 3 years ago
- Windows API Call Obfuscation☆112Updated 3 years ago
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆69Updated 4 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆67Updated 3 years ago
- Deleting Shadow Copies In Pure C++☆118Updated 3 years ago
- Piece of code to detect and remove hooks in IAT☆65Updated 3 years ago
- Load static-compiled PE from remote server.☆68Updated 4 years ago
- A PoC project for embedding shellcode to Hint/Name Table☆113Updated 3 years ago
- PoC MSVC COFF Object file loader/injector.☆186Updated 4 years ago
- WTSRM☆216Updated 3 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆143Updated 3 years ago
- Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote m…☆172Updated 2 years ago
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls☆201Updated last year
- Various methods of executing shellcode☆73Updated 2 years ago
- ☆120Updated 3 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆175Updated 2 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆181Updated 2 years ago
- bring your own vulnerable driver☆112Updated 2 years ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆140Updated 2 years ago
- This program is used to perform reflective DLL Injection to a remote process specified by the user.☆65Updated 2 years ago
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆32Updated 2 years ago
- Reverse Socks5 proxy for windows☆16Updated 3 years ago