ewilded / PPID_spoofLinks
An example of how to spawn a process with a spoofed parent PID (Visual C++)
☆27Updated 6 years ago
Alternatives and similar repositories for PPID_spoof
Users that are interested in PPID_spoof are comparing it to the libraries listed below
Sorting:
- ☆50Updated 4 years ago
- ☆51Updated 5 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆40Updated 3 years ago
- Load PE via XML Attribute☆31Updated 5 years ago
- Files for http://deniable.org/windows/windows-callbacks☆25Updated 4 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆31Updated 5 years ago
- Loads shellcode from a resource file.☆22Updated 5 years ago
- Hijack Printconfig.dll to execute shellcode☆98Updated 4 years ago
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆54Updated last year
- A quick tool for hiding a new process running shellcode.☆57Updated 4 years ago
- inject or convert shellcode to PE☆39Updated 5 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆43Updated 3 years ago
- A simple COM server which provides a component to run shellcode☆135Updated 5 years ago
- Kernel file/process/object tool☆67Updated 3 years ago
- ☆38Updated 4 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆30Updated 3 years ago
- HookDetection☆46Updated 3 years ago
- Lists of AMSI triggers (VBA, JScript / VBScript)☆33Updated 5 years ago
- RunPE using Hell's Gate technique.☆32Updated 4 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆22Updated 5 years ago
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆41Updated 4 years ago
- Injects shellcode into remote processes using direct syscalls☆78Updated 4 years ago
- Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…☆40Updated 4 years ago
- ☆70Updated 3 months ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆40Updated 4 years ago
- StenographyShellcodeLoader☆43Updated 4 years ago
- (Small change to make it easier to test the payload and combine it with SILENTTRINITY.)A tool for generating .NET serialized gadgets that…☆43Updated 5 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆64Updated last year
- quick 'n dirty poc based on PoC windows auth prompt in c# based on https://gist.githubusercontent.com/mayuki/339952/raw/2c36b735bc51861a3…☆31Updated 4 years ago
- my learning case about windows☆21Updated 3 years ago