🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engineering.(使用C和Intel x86汇编开发的Windows x86可执行文件打包工具,打包后的新文件可以阻碍逆向工程。)
☆356Oct 22, 2024Updated last year
Alternatives and similar repositories for Windows-PE-Packer
Users that are interested in Windows-PE-Packer are comparing it to the libraries listed below
Sorting:
- Run a Exe File (PE Module) in memory (like an Application Loader)☆940Mar 28, 2021Updated 4 years ago
- Open-Source Shellcode & PE Packer☆2,069Feb 3, 2024Updated 2 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆226Sep 13, 2022Updated 3 years ago
- A more stealthy variant of "DLL hollowing"☆363Mar 8, 2024Updated last year
- My implementation of enSilo's Process Doppelganging (PE injection technique)☆638Aug 30, 2022Updated 3 years ago
- Obfuscate specific windows apis with different apis☆1,023Feb 21, 2021Updated 5 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆555Dec 3, 2023Updated 2 years ago
- PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)☆167May 27, 2021Updated 4 years ago
- A PE (Portable Executable) packer with Huffman Compression and Xor encryption.☆67Sep 11, 2021Updated 4 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- Reflective PE packer.☆1,401Feb 22, 2024Updated 2 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆580Mar 8, 2024Updated last year
- A modern 32/64-bit position independent implant template☆1,295Mar 21, 2025Updated 11 months ago
- Now You See Me, Now You Don't☆1,025Jan 23, 2026Updated last month
- C/C++ source obfuscator for antivirus bypass☆1,063Mar 10, 2022Updated 3 years ago
- Native code virtualizer for x64 binaries☆517Dec 20, 2024Updated last year
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆718Jul 19, 2023Updated 2 years ago
- x64 binary obfuscator☆1,960Jul 14, 2023Updated 2 years ago
- An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.☆314Oct 18, 2018Updated 7 years ago
- An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting…☆1,092Jun 17, 2022Updated 3 years ago
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆394Jan 9, 2024Updated 2 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- LoadLibrary for offensive operations☆1,174Oct 22, 2021Updated 4 years ago
- Sleep Obfuscation☆817Dec 3, 2023Updated 2 years ago
- Alternative Shellcode Execution Via Callbacks☆1,698Nov 11, 2022Updated 3 years ago
- Converts PE into a shellcode☆2,745Aug 30, 2025Updated 6 months ago
- AV/EDR evasion via direct system calls.☆1,795Sep 3, 2022Updated 3 years ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆989Dec 4, 2022Updated 3 years ago
- Shoggoth: Asmjit Based Polymorphic Encryptor☆780Apr 10, 2024Updated last year
- A Pin Tool for tracing API calls etc☆1,620Feb 8, 2026Updated 3 weeks ago
- C++ self-Injecting dropper based on various EDR evasion techniques.☆427Feb 11, 2024Updated 2 years ago
- Evasive shellcode loader for bypassing event-based injection detection (PoC)☆822Aug 23, 2021Updated 4 years ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆684Mar 11, 2024Updated last year
- Adaptive DLL hijacking / dynamic export forwarding☆807Jul 6, 2020Updated 5 years ago
- Inline syscalls made easy for windows on clang☆736Jun 21, 2024Updated last year
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- PoC Implementation of a fully dynamic call stack spoofer☆922Jul 20, 2024Updated last year
- Code Injection, Inject malicious payload via pagetables pml4.☆243Jul 7, 2021Updated 4 years ago