Process Hollowing in C++ (x86 / x64) - Process PE image replacement
☆182 · Aug 1, 2023 · Updated 2 years ago
Alternatives and similar repositories for Process-Hollowing
Users that are interested in Process-Hollowing are comparing it to the libraries listed below.
- POC Ring3 Windows Rootkit (x86 / x64) - Hide processes and files ☆63 · Aug 1, 2023 · Updated 2 years ago
- IAT Hooking POC (x86 / x64) - Hook functions through the IAT ☆38 · Jul 29, 2024 · Updated last year
- Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually ☆96 · Aug 4, 2023 · Updated 2 years ago
- ASLR Disabler (x86 / x64) - Little utility for disabling the ASLR on PE files ☆17 · Aug 1, 2023 · Updated 2 years ago
- ZwProcessHollowing is an x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption ☆93 · Mar 23, 2023 · Updated 3 years ago
- PE Explorer in C++ (x86 / x64) - PE file parser, retrieve exports and imports ☆79 · Feb 17, 2024 · Updated 2 years ago
- Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files ☆72 · Aug 1, 2023 · Updated 2 years ago
- Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments. ☆22 · Jan 6, 2025 · Updated last year
- Stealing signatures from pe files ☆15 · Apr 1, 2025 · Updated last year
- Malware dev tricks. Syscalls part 1. Simple C example ☆10 · Jun 8, 2023 · Updated 2 years ago
- A library with four different methods to execute shellcode in a process ☆26 · Mar 24, 2020 · Updated 6 years ago
- Some crazy PE executables protection kernel driver ☆20 · May 2, 2020 · Updated 5 years ago
- Mid Hook Template (x64) - Easy way to mid function hooking in x64 ☆34 · Aug 1, 2023 · Updated 2 years ago
- Run an Exe File (PE Module) in memory (like an Application Loader) ☆942 · Mar 28, 2021 · Updated 5 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping ☆70 · Oct 9, 2022 · Updated 3 years ago
- simple shellcode injector for Windows / Process Hollowing ☆15 · Jun 26, 2024 · Updated last year
- Disables virtualprotect checks/hooks so you can modify memory and change memory protection in binaries protected by VMProtect. ☆135 · Jun 13, 2021 · Updated 4 years ago
- RunPE using Hell's Gate technique. ☆32 · Dec 4, 2020 · Updated 5 years ago
- Simple KDMapper driver dumper. Unlike other dumpers, this dumper dumps the PE headers of the image too. ☆17 · May 10, 2024 · Updated last year
- Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode ☆162 · Jul 31, 2022 · Updated 3 years ago
- A platform independent C++ code obfuscator. ☆13 · Jul 20, 2019 · Updated 6 years ago
- Custom GetProcAddress, GetModuleHandleA and some dbghelp.dll functions ☆86 · Feb 13, 2019 · Updated 7 years ago
- DLL that hooks the NtQuerySystemInformation API and hides a process name ☆296 · May 12, 2023 · Updated 2 years ago
- Red Team Operation's Defense Evasion Technique. ☆56 · Jun 4, 2024 · Updated last year
- Yet another variant of Process Hollowing ☆461 · Jul 31, 2025 · Updated 8 months ago
- Bypasses for Windows kernel callbacks PatchGuard protection ☆44 · Aug 15, 2021 · Updated 4 years ago
- ☆62 · Jul 31, 2022 · Updated 3 years ago
- 🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engine… ☆356 · Oct 22, 2024 · Updated last year
- With this RunPE you can easily inject your payload in any x86 or x64 program. ☆16 · Jun 3, 2019 · Updated 6 years ago
- EtwHook for win7-win11; ☆23 · Sep 13, 2022 · Updated 3 years ago
- ☆14 · Mar 30, 2022 · Updated 4 years ago
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution ☆51 · Apr 22, 2024 · Updated last year
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi… ☆688 · Mar 11, 2024 · Updated 2 years ago
- Splitting and executing shellcode across multiple pages ☆104 · Jun 8, 2023 · Updated 2 years ago
- Simple Kernelmode DLL Injector with Manual mapping ☆347 · Nov 29, 2023 · Updated 2 years ago
- Various Process Injection Techniques ☆167 · Jun 14, 2022 · Updated 3 years ago
- library for importing functions from dlls in a hidden, reverse engineer unfriendly way ☆1,922 · Aug 3, 2023 · Updated 2 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o… ☆382 · Mar 15, 2024 · Updated 2 years ago
- working injector bp (BE EAC & VANGUARD) ☆38 · Jul 11, 2022 · Updated 3 years ago