dosxuz/ProcessGhosting external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

dosxuz/ProcessGhosting

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/dosxuz/ProcessGhosting)

Close

dosxuz / ProcessGhostingView on GitHubMore

• External links
• Readme badge

Small POC for process ghosting

☆40Feb 1, 2022Updated 4 years ago

Alternatives and similar repositories for ProcessGhosting

Users that are interested in ProcessGhosting are comparing it to the libraries listed below

• CryptoBreach / UnhookPoC

  View on GitHub
  A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.
  ☆10Dec 16, 2021Updated 4 years ago
• tothi / SharpStay

  View on GitHub
  .NET project for installing Persistence
  ☆63Feb 14, 2022Updated 4 years ago
• rasta-mouse / MinHook.NET

  View on GitHub
  A C# port of the MinHook API hooking library
  ☆55Oct 5, 2022Updated 3 years ago
• GetRektBoy724 / SharpLoadLibrary

  View on GitHub
  An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.
  ☆55Mar 3, 2022Updated 3 years ago
• oldboy21 / CGPL

  View on GitHub
  Yet, Another Packer/Loader
  ☆25Feb 26, 2023Updated 3 years ago
• slyd0g / SharpCryptUnprotectData

  View on GitHub
  ☆15Feb 9, 2022Updated 4 years ago
• p3pperp0tts / malware_decompiled_code

  View on GitHub
  ☆19Mar 21, 2020Updated 5 years ago
• jfmaes / CMDLL

  View on GitHub
  the most basic DLL ever to pop a cmd.
  ☆24Jul 11, 2020Updated 5 years ago
• N4kedTurtle / LocalDllParse

  View on GitHub
  ☆53Nov 11, 2021Updated 4 years ago
• sbasu7241 / HellsGate

  View on GitHub
  Rewrote HellsGate in C# for fun and learning
  ☆86Feb 10, 2022Updated 4 years ago
• Allevon412 / ReflectiveDLLInjector

  View on GitHub
  This program is used to perform reflective DLL Injection to a remote process specified by the user.
  ☆64Jul 11, 2023Updated 2 years ago
• rkzofficial / Horizon

  View on GitHub
  Remote Administration Tool, Server Written in C# and Client Written in C++
  ☆15Dec 8, 2022Updated 3 years ago
• Nariod / Laz-y-templates

  View on GitHub
  Laz-y project compatible C# templates for shellcode injection.
  ☆20May 1, 2022Updated 3 years ago
• Wra7h / SharpGhosting

  View on GitHub
  Process Ghosting in C#
  ☆219Jan 24, 2022Updated 4 years ago
• Wra7h / ARCInject

  View on GitHub
  Overwrite a process's recovery callback and execute with WER
  ☆102Apr 17, 2022Updated 3 years ago
• Allevon412 / PPL_Sandboxer

  View on GitHub
  ☆81Feb 12, 2022Updated 4 years ago
• GetRektBoy724 / JALSI

  View on GitHub
  JALSI - Just Another Lame Shellcode Injector
  ☆30Aug 1, 2021Updated 4 years ago
• NorthwaveSecurity / kernel-mii

  View on GitHub
  Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
  ☆30Jun 7, 2023Updated 2 years ago
• S3cur3Th1sSh1t / SharpByeBear

  View on GitHub
  AppXSVC Service race condition - privilege escalation
  ☆30Jul 30, 2019Updated 6 years ago
• arsium / PELoader

  View on GitHub
  ☆20Jul 23, 2023Updated 2 years ago
• rvrsh3ll / PELoader

  View on GitHub
  Load PE via XML Attribute
  ☆32Feb 1, 2020Updated 6 years ago
• EspressoCake / BeaconDownloadSync

  View on GitHub
  ☆94May 14, 2022Updated 3 years ago
• shogunlab / Mochi

  View on GitHub
  Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.
  ☆101Mar 27, 2022Updated 3 years ago
• netspooky / kimagure

  View on GitHub
  ☆44Jun 22, 2021Updated 4 years ago
• Shrfnt77 / DynamicSyscalls

  View on GitHub
  DynamicSyscalls is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking)
  ☆66Nov 13, 2022Updated 3 years ago
• S3cur3Th1sSh1t / Nim-RunPE

  View on GitHub
  A Nim implementation of reflective PE-Loading from memory
  ☆300Sep 5, 2024Updated last year
• plackyhacker / Sys-Calls

  View on GitHub
  An example of using Syscalls in C# to get a meterpreter shell.
  ☆112Oct 7, 2021Updated 4 years ago
• post-cyberlabs / Offensive_tools

  View on GitHub
  ☆413Dec 14, 2023Updated 2 years ago
• waleedassar / SyscallNumberExtractor

  View on GitHub
  ☆24Sep 26, 2021Updated 4 years ago
• dosxuz / DefenderStop

  View on GitHub
  Stop Defender Service using C# via Token Impersonation
  ☆169Jan 30, 2022Updated 4 years ago
• Kara-4search / HellgateLoader_CSharp

  View on GitHub
  Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
  ☆18Jan 21, 2022Updated 4 years ago
• Soledge / BlockEtw

  View on GitHub
  .Net Assembly to block ETW telemetry in current process
  ☆81May 14, 2020Updated 5 years ago
• cube0x0 / ParallelSyscalls

  View on GitHub
  C# version of MDSec's ParallelSyscalls
  ☆141Jan 9, 2022Updated 4 years ago
• Group-IB / pythf

  View on GitHub
  Malware detonation platform Polygon integration
  ☆10Aug 1, 2023Updated 2 years ago
• TheKevinWang / UACHooker

  View on GitHub
  Reflective DLL that hooks the creation of the UAC prompt popped by explorer.exe for privilege escalation.
  ☆22Feb 20, 2021Updated 5 years ago
• h4wkst3r / SharPersist

  View on GitHub
  Windows Persistence Toolkit in C#
  ☆36Sep 23, 2022Updated 3 years ago
• Wra7h / PEResourceInject

  View on GitHub
  ☆60Jun 26, 2022Updated 3 years ago
• scareing / cmd2shellcode

  View on GitHub
  cmd2shellcode
  ☆79May 6, 2021Updated 4 years ago
• rad9800 / WTSRM

  View on GitHub
  WTSRM
  ☆216Aug 7, 2022Updated 3 years ago