Alternatives and similar repositories for Introduction-to-Process-Hollowing

Users that are interested in Introduction-to-Process-Hollowing are comparing it to the libraries listed below

• HuskyHacks / the-crown-defcon615
  Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk
  ☆45Updated 3 years ago
• itaymigdal / GhostNap
  Sleep obfuscation for shellcode implants and their reflective shit
  ☆51Updated last year
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆68Updated last year
• Helixo32 / SimpleEDR
  Simple EDR that injects a DLL into a process to place a hook on specific Windows API
  ☆94Updated last year
• boku7 / Nobelium-PdfDLRunAesShellcode
  A recreation of the "Nobelium" malware based on Microsofts Malware analysis - Part 1: PDF2Pwn
  ☆101Updated 2 years ago
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆57Updated 2 years ago
• frkngksl / NimicStack
  NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs
  ☆94Updated 2 years ago
• zimnyaa / xyrella
  PoC XLL builder in Python/Nim
  ☆46Updated 2 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆89Updated 2 years ago
• jsecu / 7DaysofRed
  7 days of Red Teaming TTPs that your favorite tools may use to acheive a post exploitation goal
  ☆18Updated 4 years ago
• zimnyaa / nim-noload-dll-hollowing
  Unused DLL hollowing PoC in Nim
  ☆17Updated 3 years ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆52Updated last year
• wsummerhill / Malware_Weaponization
  A curated list of tools and techniques written from experience in weaponization of malware
  ☆37Updated last year
• codewhitesec / SysmonEnte
  ☆74Updated 2 years ago
• praetorian-inc / Matryoshka
  Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.
  ☆39Updated 4 years ago
• frkngksl / ParallelNimcalls
  Nim version of MDSec's Parallel Syscall PoC
  ☆124Updated 3 years ago
• RenderZ0n3 / Malware-Development
  ☆10Updated 2 years ago
• mgeeky / CustomXMLPart
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆39Updated 2 years ago
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆86Updated 2 years ago
• zimawhit3 / HellsGateNim
  A quick example of the Hells Gate technique in Nim
  ☆95Updated 3 years ago
• reznok / MemoryLoader
  A .NET binary loader that bypasses AMSI
  ☆46Updated 3 years ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆38Updated 3 years ago
• S3cur3Th1sSh1t / Nim_DInvoke
  D/Invoke implementation in Nim
  ☆101Updated 3 years ago
• 0xTriboulet / ZeroTotal
  A collection of source code, binaries, and compilation scripts designed to bypass detection
  ☆25Updated 2 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 3 years ago
• nullsection / SharpETW-Patch
  ☆23Updated last year
• S3cur3Th1sSh1t / NimShellcodeFluctuation
  ShellcodeFluctuation PoC ported to Nim
  ☆77Updated 2 years ago
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆58Updated this week
• netbiosX / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆54Updated 5 years ago
• OffenseTeacher / NimRekey
  ☆40Updated 2 years ago