RunPE using Hell's Gate technique.
☆32Dec 4, 2020Updated 5 years ago
Alternatives and similar repositories for HellsRunPE
Users that are interested in HellsRunPE are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆109Jan 3, 2021Updated 5 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆79Feb 27, 2020Updated 6 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆62Nov 18, 2020Updated 5 years ago
- execute a PE in the address space of another PE aka process hollowing☆60Dec 2, 2021Updated 4 years ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 5 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Dec 20, 2019Updated 6 years ago
- Self-Loading Registration Free COM Functions☆11Nov 12, 2019Updated 6 years ago
- DLL Unhooking☆12Mar 26, 2021Updated 4 years ago
- ☆32Jul 2, 2020Updated 5 years ago
- ☆42Aug 10, 2019Updated 6 years ago
- Two C# RunPE's capable of x86 and x64 injections☆11Dec 2, 2018Updated 7 years ago
- PoC for hiding PE exports☆67Dec 19, 2020Updated 5 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- A tool to show the method info at runtime☆13Aug 12, 2019Updated 6 years ago
- Reflectively load PE☆106Aug 4, 2020Updated 5 years ago
- ☆15Dec 16, 2020Updated 5 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆27Feb 20, 2019Updated 7 years ago
- A tool that reads a PE file from a byte array buffer and injects it into memory.☆29Aug 5, 2019Updated 6 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- Loads .NET Assembly Via CLR Loader☆17Mar 6, 2019Updated 7 years ago
- 无模块注入工程 VS2008☆11Jul 23, 2018Updated 7 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆11Jun 12, 2019Updated 6 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆31Feb 22, 2020Updated 6 years ago
- Win32 PE Anti-RE and Anti-debugging Framework☆13May 14, 2019Updated 6 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- ☆14Apr 7, 2018Updated 7 years ago
- .net based packer/obfuscator with apc based pe injection☆15Mar 23, 2016Updated 10 years ago
- Software Protector☆19Aug 16, 2020Updated 5 years ago
- ☆51Sep 18, 2020Updated 5 years ago
- .NET implementation of Cobalt Strike's External C2 Spec☆89Nov 12, 2021Updated 4 years ago
- ☆123Oct 9, 2023Updated 2 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆121Jun 24, 2020Updated 5 years ago
- C++ WinRM API via Reflective DLL☆145Sep 11, 2021Updated 4 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆191Jul 14, 2021Updated 4 years ago