RunPE using Hell's Gate technique.
☆32Dec 4, 2020Updated 5 years ago
Alternatives and similar repositories for HellsRunPE
Users that are interested in HellsRunPE are comparing it to the libraries listed below
Sorting:
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆109Jan 3, 2021Updated 5 years ago
- A tool that reads a PE file from a byte array buffer and injects it into memory.☆28Aug 5, 2019Updated 6 years ago
- ☆42Aug 10, 2019Updated 6 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆79Feb 27, 2020Updated 6 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆62Nov 18, 2020Updated 5 years ago
- ☆15Dec 16, 2020Updated 5 years ago
- A tool to show the method info at runtime☆13Aug 12, 2019Updated 6 years ago
- Two C# RunPE's capable of x86 and x64 injections☆11Dec 2, 2018Updated 7 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Dec 20, 2019Updated 6 years ago
- Reflectively load PE☆106Aug 4, 2020Updated 5 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆31Feb 22, 2020Updated 6 years ago
- Win32 PE Anti-RE and Anti-debugging Framework☆13May 14, 2019Updated 6 years ago
- Self-Loading Registration Free COM Functions☆11Nov 12, 2019Updated 6 years ago
- 无模块注入工程 VS2008☆11Jul 23, 2018Updated 7 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆11Jun 12, 2019Updated 6 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- execute a PE in the address space of another PE aka process hollowing☆60Dec 2, 2021Updated 4 years ago
- PoC for hiding PE exports☆67Dec 19, 2020Updated 5 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆27Feb 20, 2019Updated 7 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- ☆32Jul 2, 2020Updated 5 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- .net based packer/obfuscator with apc based pe injection☆15Mar 23, 2016Updated 9 years ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 4 years ago
- PInvoke at runtime for .NET☆17Sep 13, 2018Updated 7 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- C++ Host .NET CLR & Run a assembly directly from ressource (RT_RCDATA) without extraction disk.☆15Mar 18, 2023Updated 2 years ago
- With this RunPE you can easily inject your payload in any x86 or x64 program.☆15Jun 3, 2019Updated 6 years ago
- ☆14Apr 7, 2018Updated 7 years ago
- Loads .NET Assembly Via CLR Loader☆17Mar 6, 2019Updated 6 years ago
- Using the Windows API to mess with Task Manager in GoLANG☆15Sep 7, 2021Updated 4 years ago
- Hardened Proof of Concept of D/Invoke Process Injection malware☆42Jul 23, 2020Updated 5 years ago
- ☆65Nov 12, 2022Updated 3 years ago
- ☆123Oct 9, 2023Updated 2 years ago
- DInvisibleRegistry☆83Nov 20, 2020Updated 5 years ago
- Software Protector☆19Aug 16, 2020Updated 5 years ago