Alternatives and similar repositories for SimpleProcessHollowing

Users that are interested in SimpleProcessHollowing are comparing it to the libraries listed below

• TunnelGRE / ProcessInjection-GO
  Shellcode encryption in RC4 and process injection into explorer.exe.
  ☆37Updated 2 years ago
• arsium / PELoader
  ☆20Updated last year
• Allevon412 / ReflectiveDLLInjector
  This program is used to perform reflective DLL Injection to a remote process specified by the user.
  ☆65Updated last year
• arsium / ShellCodeExec
  My personal shellcode loader
  ☆31Updated 2 years ago
• WKL-Sec / StackMask
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆64Updated 2 years ago
• qwqdanchun / ScreenShot-BOF
  ☆42Updated last year
• EvilBytecode / Nyx-Full-Dll-Unhook
  (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
  ☆34Updated last month
• qwqdanchun / RainbowSheep
  Change hash for a signed pe
  ☆16Updated last year
• timwhitez / Doge-RL
  Reflective DLL injection Execution
  ☆19Updated 2 years ago
• hiatus / NtGate
  Transparently call NTAPI via Halo's Gate with indirect syscalls.
  ☆11Updated last year
• dk0m / ZeroCrumb
  Dumping App Bound Protected Credentials & Cookies Without Privileges.
  ☆56Updated 3 weeks ago
• hid3rx / GhostWriting
  ☆31Updated last year
• Meowmycks / etwunhook
  Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.
  ☆47Updated last year
• ProcessusT / UnhookingDLL
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆70Updated last year
• florylsk / NtDump
  Indirect NT syscalls LSASS dumper.
  ☆45Updated last year
• CodeXTF2 / BusySleepBeacon
  This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…
  ☆34Updated 3 years ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆24Updated 2 months ago
• Kr0ff / WinMalDev
  Various methods of executing shellcode
  ☆70Updated 2 years ago
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆42Updated 2 years ago
• Cobalt-Strike / obfuscator-llvm
  ☆54Updated last year
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆40Updated 11 months ago
• ASkyeye / FilelessRemotePE
  Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
  ☆67Updated 2 years ago
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆36Updated last year
• timwhitez / AddressOfEntryPoint-injection
  x64 version
  ☆36Updated 3 years ago
• Teach2Breach / moonwalk
  find dll base addresses without PEB WALK
  ☆93Updated last month
• timwhitez / Doge-Unhook
  DLL Unhooking
  ☆12Updated 4 years ago
• Cracked5pider / kaine-assembly
  a demo module for the kaine agent to execute and inject assembly modules
  ☆39Updated 9 months ago
• plackyhacker / Unhook-BitDefender
  Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.
  ☆54Updated 2 years ago
• myzxcg / BypassUAC-Dll
  Use COM Component Bypass UAC,Dll Version
  ☆35Updated 4 years ago
• Teach2Breach / dll2shell
  converts sRDI compatible dlls to shellcode
  ☆29Updated 5 months ago