Vasco0x4 / SimpleProcessHollowing
simple shellcode injector for Windows / Process Hollowing
☆11 Updated 7 months ago
Alternatives and similar repositories for SimpleProcessHollowing:
Users that are interested in SimpleProcessHollowing are comparing it to the libraries listed below
- Shellcode encryption in RC4 and process injection into explorer.exe. ☆37 Updated last year
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now. ☆45 Updated 8 months ago
- Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE ☆16 Updated 2 months ago
- This tool is intended to be used for on target enumeration to gather and exfiltrate information and then to upload tools such as netcat o… ☆21 Updated last year
- Direct syscalls Injection to bypass AV/EDR ☆11 Updated 8 months ago
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution ☆41 Updated 9 months ago
- ShadeLoader is a shellcode loader designed to bypass most antivirus software. Shellcode, antivirus software, bypass ☆39 Updated 5 months ago
- A rework of CMLuaUtil AutoElevated ☆23 Updated 2 years ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll. ☆18 Updated 6 months ago
- A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder. ☆37 Updated 4 months ago
- DLL Hijacking and Mock directories technique to bypass the Windows UAC security feature and get a high-level privileged reverse shell. Secu… ☆39 Updated 8 months ago
- Mockingjay process self injection POC ☆27 Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆42 Updated 10 months ago
- ☆39 Updated last year
- ☆20 Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ☆84 Updated 7 months ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections ☆118 Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract a memory dump from the Lsass process using various techniques, including direct system c… ☆24 Updated 4 months ago
- A PowerShell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f… ☆152 Updated 8 months ago
- This is a way to load shellcode and obfuscate it so that it avoids scan-time detection. ☆53 Updated 6 months ago
- A simple Sleepmask BOF example ☆81 Updated 4 months ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process ☆43 Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ☆73 Updated 5 months ago
- A collection of (even more) alternative shellcode callback methods in CSharp ☆69 Updated 3 months ago
- Mockingjay Process Injection Vulnerable DLL Finder ☆18 Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader. ☆89 Updated 10 months ago
- Inject shellcode into process via "EarlyBird" ☆25 Updated 3 years ago
- BOF with Synthetic Stackframe ☆103 Updated this week
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface. ☆153 Updated 2 years ago
- Generic PE loader for fast prototyping evasion techniques ☆191 Updated 6 months ago