An example of how to spawn a process with a spoofed parent PID (Visual C++)
☆29Mar 3, 2019Updated 7 years ago
Alternatives and similar repositories for PPID_spoof
Users that are interested in PPID_spoof are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆157Jun 10, 2019Updated 6 years ago
- Installs And Executes Shellcode☆12Jul 26, 2015Updated 10 years ago
- Aggressor Script to Execute Assemblies from Github☆71Nov 30, 2020Updated 5 years ago
- alternative to procdump☆11May 26, 2021Updated 4 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Aug 12, 2022Updated 3 years ago
- A collection of C# tools for various purposes (kerberoasting, tickets, mimikatz, privesc, domain enumeration and more)☆80Aug 12, 2019Updated 6 years ago
- R3劫持所有异常☆15Jan 4, 2021Updated 5 years ago
- Minimalist Custom .NET Core Garbage Collector☆23Jun 15, 2020Updated 5 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Using "svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc" as trigger☆58Oct 7, 2020Updated 5 years ago
- Use to browse the share file by eas(Exchange Server ActiveSync)☆46Jun 28, 2020Updated 5 years ago
- CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe☆16Jul 6, 2019Updated 6 years ago
- C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread☆119Apr 9, 2019Updated 6 years ago
- Zimbra XXE+SSRF+UPLOAD Poc☆59Jun 25, 2019Updated 6 years ago
- Lightweight FreeBSD rootkit for stealth persistence, process hiding, and system control.☆19Mar 2, 2020Updated 6 years ago
- ☆14Nov 29, 2019Updated 6 years ago
- Reverseshell Generator☆10Dec 13, 2017Updated 8 years ago
- SharpAddDomainMachine☆69Oct 12, 2021Updated 4 years ago
- This is the linux version of the R.A.T client written in c#☆10Jun 25, 2017Updated 8 years ago
- Small tool to get a SYSTEM shell☆129Feb 7, 2016Updated 10 years ago
- ☆22Jan 15, 2025Updated last year
- The program is designed to dump full memory of the process by specifing process name or process id.☆41Jul 29, 2019Updated 6 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆32Aug 12, 2022Updated 3 years ago
- SSH password logging via PAM☆30Jul 7, 2020Updated 5 years ago
- A tool that helps you get system shell without UAC prompt☆50Oct 8, 2018Updated 7 years ago
- Hide .Net assembly into png images☆36Aug 11, 2019Updated 6 years ago
- WMI Event Subscription Persistence in C#☆112May 29, 2019Updated 6 years ago
- Run Rubeus via Rundll32☆207Apr 25, 2020Updated 5 years ago
- ReflectiveDLL学习代码☆35Jul 12, 2020Updated 5 years ago
- Beacon.dll reverse☆141Sep 5, 2021Updated 4 years ago
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- Using fibers to execute shellcode in a local process via csharp☆28Jan 2, 2022Updated 4 years ago
- external c2 use domainhiding.☆49Oct 27, 2020Updated 5 years ago
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆347Jul 21, 2020Updated 5 years ago
- Event Data Collector☆39Jan 12, 2026Updated 2 months ago
- 几个UAC Bypass的方法☆12Apr 13, 2018Updated 7 years ago
- A simple POC to demonstrate the power of .NET debugging for injection☆73Aug 11, 2020Updated 5 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆382Mar 8, 2023Updated 3 years ago
- ☆10May 23, 2019Updated 6 years ago