Alternatives and similar repositories for Run-PE---Run-Portable-Executable-From-Memory

Users that are interested in Run-PE---Run-Portable-Executable-From-Memory are comparing it to the libraries listed below

• apriorit / SvcHostDemo
  Demo service that runs in svchost.exe
  ☆79Updated 7 years ago
• EgeBalci / Hook_API
  Assembly block for hooking windows API functions.
  ☆93Updated 6 years ago
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆88Updated 9 years ago
• Ice3man543 / ZeusInjector
  An Open Source Windows DLL Injector With All Known Techniques Available
  ☆87Updated 7 years ago
• BenjaminSoelberg / ReflectivePELoader
  Reflective PE loader for DLL injection
  ☆180Updated 7 years ago
• mgeeky / PE-library
  Lightweight Portable Executable parsing library and a demo peParser application.
  ☆81Updated 2 years ago
• NtRaiseHardError / AntiHook
  PoC designed to evade userland-hooking anti-virus.
  ☆89Updated 6 years ago
• KooroshRZ / Evader
  Packer (actually a crypter) for antivirus evasion implemented for windows PE files (BSc-Thesis)
  ☆104Updated 5 years ago
• UserExistsError / DllLoaderShellcode
  Shellcode to load an appended Dll
  ☆89Updated 4 years ago
• magnusstubman / dll-exports
  Collection of DLL function export forwards for DLL export function proxying
  ☆104Updated this week
• idan1288 / ProcessHollowing32-64
  Process Hollowing for 32 bit and 64 bit
  ☆79Updated 7 years ago
• avast / pe_tools
  A cross-platform Python toolkit for parsing/writing PE files.
  ☆66Updated last year
• jackullrich / memfuck
  A PoC designed to bypass all usermode hooks in a WoW64 environment.
  ☆150Updated 4 years ago
• MalwareTech / ZombifyProcess
  Inject code into a legitimate process
  ☆145Updated 10 years ago
• n00bk1t / n00bk1t
  ☆57Updated 11 years ago
• jackullrich / TRunPE
  A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…
  ☆97Updated 5 years ago
• ytk2128 / api-monitor32
  A simple tool for detecting memory modifications to Windows API.
  ☆23Updated 7 months ago
• polycone / pe-loader
  A Windows PE format file loader
  ☆146Updated 7 years ago
• zodiacon / sysrun
  Run any executable as SYSTEM account (no service required)
  ☆137Updated last year
• bytecode77 / slui-file-handler-hijack-privilege-escalation
  Slui File Handler Hijack UAC Bypass Local Privilege Escalation
  ☆93Updated last month
• SamLarenN / PePacker
  Simple PE Packer Which Encrypts .text Section
  ☆50Updated 8 years ago
• 3gstudent / HiddenNtRegistry
  Use NT Native Registry API to create a registry that normal user can not query.
  ☆94Updated 7 years ago
• MalwareTech / CreateDesktop
  Example application for creating multiple desktops on Windows
  ☆138Updated 7 years ago
• lilkui / runasti
  Runs programs as TrustedInstaller
  ☆49Updated 6 years ago
• akuafif / hXOR-Packer
  A PE (Portable Executable) packer with Huffman Compression and Xor encryption.
  ☆64Updated 3 years ago
• NtRaiseHardError / NINA
  NINA: No Injection, No Allocation x64 Process Injection Technique
  ☆226Updated 5 years ago
• michaellandi / exportstoc
  Used to create wrappers and proxy libraries for Windows binaries.
  ☆76Updated 13 years ago
• eLoopWoo / zwhawk
  A kernel rootkit with remote command and control interface for windows
  ☆109Updated 7 years ago
• d35ha / ProcessHide
  ☆64Updated 2 years ago
• zodiacon / WinSys
  C++ library for low-level Windows development
  ☆79Updated last year