A powershell script that performs reflective parent process ID (PPID) spoofing and process hollowing to evade Windows Defender
☆11Feb 17, 2023Updated 3 years ago
Alternatives and similar repositories for Reflective-PPIDxProcHollow
Users that are interested in Reflective-PPIDxProcHollow are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- red team tips and trix☆12Jun 27, 2025Updated 9 months ago
- Apophis is a Bash script that leverages tools such as DotNetToJScript, ConfuserEx, Net-Obfuscator etc. to generate 'Shellcode runners'.☆20Mar 12, 2023Updated 3 years ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52May 16, 2024Updated last year
- ☆12Feb 7, 2023Updated 3 years ago
- Resources and notes for Offensive Security's SOC-200 course and OffSec Defense Analyst (OSDA) exam☆17May 19, 2023Updated 2 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Payload Generation Framework☆102Mar 16, 2024Updated 2 years ago
- Creating a Malicious Macro using MS Word☆26Jun 10, 2022Updated 3 years ago
- Null-free shellcode for TCP reverse shell on Windows x64☆60Feb 19, 2024Updated 2 years ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆16Jun 16, 2022Updated 3 years ago
- PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10…☆35Sep 24, 2022Updated 3 years ago
- A Windows Tool for backing up and restoring Chrome's encrypted cookies☆12Apr 26, 2019Updated 6 years ago
- Run commands over RDP on massive number of hosts☆11Nov 26, 2018Updated 7 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆194Nov 15, 2022Updated 3 years ago
- Slightly modified version of https://raw.githubusercontent.com/killswitch-GUI/CobaltStrike-ToolKit/master/HTTPsC2DoneRight.sh☆12Nov 16, 2017Updated 8 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆31Jan 21, 2024Updated 2 years ago
- Exploit codes for rconfig <= 3.9.4☆11Mar 17, 2020Updated 6 years ago
- ☆36May 13, 2022Updated 3 years ago
- Collection of some of my own tools with other great open source tools out there packaged into a powershell module☆146Sep 18, 2022Updated 3 years ago
- Advanced scanner for CVE-2020-0796 - SMBv3 RCE☆15May 22, 2023Updated 2 years ago
- The best way to send emails in Go.☆12Feb 4, 2021Updated 5 years ago
- A Collection of templates that can be used for abusing window's AlwaysInstallElevated policy☆39Jan 4, 2023Updated 3 years ago
- Pass-thru web server for traffic redirection☆28May 6, 2019Updated 6 years ago
- Obfuscated Invoke-Mimikatz script☆13May 29, 2018Updated 7 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- PoC of injecting code into a running Linux process☆23Sep 11, 2019Updated 6 years ago
- Testing tools for Oracle Forms☆13Oct 23, 2025Updated 5 months ago
- ☆21Dec 1, 2021Updated 4 years ago
- CipherRun is an ethical hacking tool used to execute shellcode easily while bypassing antivirus solutions.☆11Jan 30, 2024Updated 2 years ago
- a simple powershell wrapper to automate checking a user's access around the network☆13Dec 5, 2023Updated 2 years ago
- Gets the name of all currently running process then checks them against a list of known defensive products such as AV's, EDR's and loggin…☆14Oct 8, 2022Updated 3 years ago
- This extension allows a user to specify a lockout policy in order to automate a password spray attack via Intruder.☆25Apr 1, 2020Updated 5 years ago
- ☆10Apr 21, 2025Updated 11 months ago
- A set of hashcat hcmask files, prioritized by cracking efficiency... and the hcmask_Generator_9000.xlsx tool.☆25Dec 17, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Basic network port scanner created in C#☆19Aug 1, 2019Updated 6 years ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆98Aug 27, 2023Updated 2 years ago
- This repository contains a Python script to automate the process of testing for a vulnerability known as Text4Shell, referenced under the…☆14Jun 27, 2023Updated 2 years ago
- Dump LSASS by spoofing command line arguments to procdump.☆20Oct 21, 2024Updated last year
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆33Nov 12, 2022Updated 3 years ago
- ollvm, based on llvm-clang 5.0.2, 6.0.1, 7.0.1, 8.0, 9.0, 9.0.1☆19Apr 4, 2022Updated 3 years ago
- PowerShell Clipboard Data Transfer☆73Dec 29, 2025Updated 2 months ago