cocomelonc / hack-process-hacker2
Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
☆17Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for hack-process-hacker2
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆19Updated last year
- Early cascade injection PoC based on Outflanks blog post written in Rust☆18Updated last week
- Windows AppLocker Driver (appid.sys) LPE☆36Updated 3 months ago
- ☆48Updated last year
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆39Updated 11 months ago
- Persistence via Shell Extensions☆62Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆31Updated 7 months ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆51Updated last year
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆30Updated last year
- API Hammering with C++20☆34Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- ☆21Updated 6 months ago
- A (quite) simple steganography algorithm to hide shellcodes within bitmap image.☆21Updated 6 months ago
- ☆18Updated last month
- Beacon Debugger☆35Updated 3 weeks ago
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆28Updated last year
- ☆34Updated last year
- ☆27Updated 4 months ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆32Updated last year
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆55Updated last year
- Get your data from the resource section manually, with no need for windows apis☆53Updated 3 weeks ago
- A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…☆22Updated last year
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- In-memory hiding technique☆42Updated 5 months ago
- A collection of red team techniques.☆13Updated this week
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆42Updated 8 months ago
- ☆12Updated 3 months ago