dismantl / ImprovedReflectiveDLLInjection

Related projects ⓘ

Alternatives and complementary repositories for ImprovedReflectiveDLLInjection

• Professor-plum / Reflective-Driver-Loader
  ☆393Updated 7 years ago
• CylanceVulnResearch / ReflectiveDLLRefresher
  Universal Unhooking
  ☆316Updated 6 years ago
• rapid7 / ReflectiveDLLInjection
  Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…
  ☆217Updated 10 months ago
• hasherezade / chimera_pe
  ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…
  ☆216Updated last year
• BenjaminSoelberg / ReflectivePELoader
  Reflective PE loader for DLL injection
  ☆167Updated 7 years ago
• mattifestation / PIC_Bindshell
  Position Independent Windows Shellcode Written in C
  ☆287Updated 6 years ago
• LloydLabs / Windows-API-Hashing
  This is a simple example and explanation of obfuscating API resolution via hashing
  ☆228Updated 4 years ago
• 3gstudent / Inject-dll-by-Process-Doppelganging
  Process Doppelgänging
  ☆154Updated 6 years ago
• jackullrich / ShellcodeStdio
  An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
  ☆494Updated 5 years ago
• secrary / InfectPE
  InfectPE - Inject custom code into PE file [This project is not maintained anymore]
  ☆321Updated 7 years ago
• antonioCoco / Mapping-Injection
  Just another Windows Process Injection
  ☆389Updated 4 years ago
• 0xAlexei / WindowsDefenderTools
  Tools for instrumenting Windows Defender's mpengine.dll
  ☆281Updated 6 years ago
• hfiref0x / WDExtract
  Extract Windows Defender database from vdm files and unpack it
  ☆425Updated 4 years ago
• Barakat / CVE-2019-16098
  Local privilege escalation PoC exploit for CVE-2019-16098
  ☆191Updated 5 years ago
• BreakingMalware / PowerLoaderEx
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆359Updated 7 years ago
• hasherezade / persistence_demos
  Demos of various (also non standard) persistence methods used by malware
  ☆219Updated last year
• gpoulios / ROPInjector
  Patching ROP-encoded shellcodes into PEs
  ☆183Updated 7 years ago
• abhisek / Pe-Loader-Sample
  Proof of concept implementation of in-memory PE Loader based on ReflectiveDLLInjection Technique
  ☆148Updated 6 years ago
• hasherezade / module_overloading
  A more stealthy variant of "DLL hollowing"
  ☆338Updated 8 months ago
• Zer0Mem0ry / RunPE
  Code that allows running another windows PE in the same address space as the host process.
  ☆433Updated 8 years ago
• WithSecureLabs / doublepulsar-usermode-injector
  A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use…
  ☆114Updated 7 years ago
• nettitude / SimplePELoader
  In-Memory PE Loader
  ☆369Updated 5 years ago
• peterferrie / win-exec-calc-shellcode
  A small, null-free Windows shellcode that executes calc.exe (x86/x64, all OS/SPs)
  ☆390Updated 6 months ago
• hasherezade / IAT_patcher
  Persistent IAT hooking application - based on bearparser
  ☆247Updated 2 years ago
• hasherezade / process_doppelganging
  My implementation of enSilo's Process Doppelganging (PE injection technique)
  ☆580Updated 2 years ago
• ionescu007 / HookingNirvana
  Recon 2015 Presentation from Alex Ionescu
  ☆232Updated 8 years ago
• 3gstudent / Inject-dll-by-APC
  Asynchronous Procedure Calls
  ☆194Updated 3 years ago
• Spajed / processrefund
  An attempt at Process Doppelgänging
  ☆183Updated 6 years ago
• dadas190 / Heavens-Gate-2.0
  Executes 64bit code from a 32bit process
  ☆231Updated 7 years ago
• repnz / autochk-rootkit
  Reverse engineered source code of the autochk rootkit
  ☆197Updated 5 years ago