Alternatives and similar repositories for Run-PE---Run-Portable-Executable-From-Memory

Users that are interested in Run-PE---Run-Portable-Executable-From-Memory are comparing it to the libraries listed below

• apriorit / SvcHostDemo
  Demo service that runs in svchost.exe
  ☆79Updated 7 years ago
• BenjaminSoelberg / ReflectivePELoader
  Reflective PE loader for DLL injection
  ☆180Updated 7 years ago
• magnusstubman / dll-exports
  Collection of DLL function export forwards for DLL export function proxying
  ☆102Updated last year
• EgeBalci / Hook_API
  Assembly block for hooking windows API functions.
  ☆92Updated 6 years ago
• KooroshRZ / Evader
  Packer (actually a crypter) for antivirus evasion implemented for windows PE files (BSc-Thesis)
  ☆104Updated 5 years ago
• Ice3man543 / ZeusInjector
  An Open Source Windows DLL Injector With All Known Techniques Available
  ☆86Updated 7 years ago
• jackullrich / memfuck
  A PoC designed to bypass all usermode hooks in a WoW64 environment.
  ☆150Updated 4 years ago
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆88Updated 9 years ago
• jackullrich / TRunPE
  A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…
  ☆97Updated 5 years ago
• polycone / pe-loader
  A Windows PE format file loader
  ☆145Updated 7 years ago
• MalwareTech / ZombifyProcess
  Inject code into a legitimate process
  ☆144Updated 10 years ago
• NtRaiseHardError / AntiHook
  PoC designed to evade userland-hooking anti-virus.
  ☆89Updated 6 years ago
• mgeeky / PE-library
  Lightweight Portable Executable parsing library and a demo peParser application.
  ☆80Updated 2 years ago
• ytk2128 / api-monitor32
  A simple tool for detecting memory modifications to Windows API.
  ☆22Updated 6 months ago
• idan1288 / ProcessHollowing32-64
  Process Hollowing for 32 bit and 64 bit
  ☆79Updated 7 years ago
• NtRaiseHardError / NINA
  NINA: No Injection, No Allocation x64 Process Injection Technique
  ☆226Updated 5 years ago
• MalwareTech / CreateDesktop
  Example application for creating multiple desktops on Windows
  ☆138Updated 7 years ago
• earthquake / Socks5Server
  Windows C/C++ Socks5 Server
  ☆86Updated 2 years ago
• zodiacon / sysrun
  Run any executable as SYSTEM account (no service required)
  ☆133Updated last year
• 3gstudent / HiddenNtRegistry
  Use NT Native Registry API to create a registry that normal user can not query.
  ☆92Updated 7 years ago
• bytecode77 / slui-file-handler-hijack-privilege-escalation
  Slui File Handler Hijack UAC Bypass Local Privilege Escalation
  ☆93Updated last month
• michaellandi / exportstoc
  Used to create wrappers and proxy libraries for Windows binaries.
  ☆76Updated 13 years ago
• akuafif / hXOR-Packer
  A PE (Portable Executable) packer with Huffman Compression and Xor encryption.
  ☆66Updated 3 years ago
• UserExistsError / DllLoaderShellcode
  Shellcode to load an appended Dll
  ☆90Updated 4 years ago
• Zer0Mem0ry / RunPE
  Code that allows running another windows PE in the same address space as the host process.
  ☆449Updated 8 years ago
• abdullah2993 / go-runpe
  execute a PE in the address space of another PE aka process hollowing
  ☆58Updated 3 years ago
• d35ha / ProcessHide
  ☆63Updated 2 years ago
• avast / pe_tools
  A cross-platform Python toolkit for parsing/writing PE files.
  ☆67Updated last year
• EgeBalci / IAT_API
  Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.
  ☆76Updated 2 years ago
• lilkui / runasti
  Runs programs as TrustedInstaller
  ☆49Updated 6 years ago