Alternatives and similar repositories for Introduction-to-Process-Hollowing

Users that are interested in Introduction-to-Process-Hollowing are comparing it to the libraries listed below

• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆58Updated 3 years ago
• Helixo32 / SimpleEDR
  Simple EDR that injects a DLL into a process to place a hook on specific Windows API
  ☆95Updated 2 years ago
• itaymigdal / GhostNap
  Sleep obfuscation for shellcode implants and their reflective shit
  ☆53Updated 2 years ago
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆70Updated last year
• frkngksl / NimicStack
  NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs
  ☆96Updated 3 years ago
• HuskyHacks / the-crown-defcon615
  Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk
  ☆46Updated 3 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆90Updated 3 years ago
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆56Updated last year
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆88Updated 3 years ago
• boku7 / Nobelium-PdfDLRunAesShellcode
  A recreation of the "Nobelium" malware based on Microsofts Malware analysis - Part 1: PDF2Pwn
  ☆102Updated 2 years ago
• ZeroMemoryEx / SleepKiller
  Bypass Malware Time Delays
  ☆107Updated 3 years ago
• frkngksl / ParallelNimcalls
  Nim version of MDSec's Parallel Syscall PoC
  ☆124Updated 3 years ago
• Octoberfest7 / BeatRev
  POC for frustrating/defeating Malware Analysts
  ☆157Updated 3 years ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆39Updated 4 years ago
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated 2 years ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆88Updated 2 years ago
• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆78Updated 2 years ago
• wsummerhill / Malware_Weaponization
  A curated list of tools and techniques written from experience in weaponization of malware
  ☆38Updated 2 years ago
• zimnyaa / xyrella
  PoC XLL builder in Python/Nim
  ☆49Updated 3 years ago
• mgeeky / CustomXMLPart
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆39Updated 3 years ago
• RenderZ0n3 / Malware-Development
  ☆10Updated 2 years ago
• S3cur3Th1sSh1t / Nim_DInvoke
  D/Invoke implementation in Nim
  ☆103Updated 3 years ago
• S3cur3Th1sSh1t / NimShellcodeFluctuation
  ShellcodeFluctuation PoC ported to Nim
  ☆79Updated 3 years ago
• shogunlab / Mochi
  Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.
  ☆102Updated 3 years ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆50Updated last year
• Octoberfest7 / lnk_generator
  Small project to facilitate creation of .lnk payloads
  ☆75Updated 3 years ago
• phackt / wptsextensions.dll
  WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
  ☆55Updated 4 years ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆67Updated 2 years ago
• sidaf / moonshine
  ☆70Updated 2 years ago
• Teach2Breach / dev
  maldev obviously
  ☆28Updated 6 months ago