ewilded / PPID_spoof
An example of how to spawn a process with a spoofed parent PID (Visual C++)
☆27Updated 6 years ago
Alternatives and similar repositories for PPID_spoof:
Users that are interested in PPID_spoof are comparing it to the libraries listed below
- ☆50Updated 4 years ago
- ☆51Updated 5 years ago
- Hijack Printconfig.dll to execute shellcode☆98Updated 4 years ago
- Load PE via XML Attribute☆30Updated 5 years ago
- A simple COM server which provides a component to run shellcode☆133Updated 4 years ago
- Kernel file/process/object tool☆66Updated 3 years ago
- ☆36Updated 4 years ago
- A quick tool for hiding a new process running shellcode.☆57Updated 4 years ago
- Files for http://deniable.org/windows/windows-callbacks☆25Updated 4 years ago
- StenographyShellcodeLoader☆42Updated 4 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆40Updated 3 years ago
- HookDetection☆46Updated 3 years ago
- Injects shellcode into remote processes using direct syscalls☆77Updated 4 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆43Updated 3 years ago
- CVE-2020-1048 bypass: binary planting PoC☆32Updated 4 years ago
- ☆38Updated 4 years ago
- Loads shellcode from a resource file.☆21Updated 5 years ago
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆54Updated last year
- Video files for eBook: "Bypassing AVs by C#.NET Programming"☆41Updated last year
- Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers☆18Updated 3 years ago
- my learning case about windows☆21Updated 3 years ago
- ☆69Updated 2 months ago
- ☆36Updated 6 years ago
- A better alternative to RunDLL32☆30Updated 5 years ago
- (Small change to make it easier to test the payload and combine it with SILENTTRINITY.)A tool for generating .NET serialized gadgets that…☆43Updated 5 years ago
- Sound Research SECOMN service Privilege Escalation (windows 10)☆40Updated 5 years ago
- SharpDir is a simple code set to search both local and remote file systems for files and is compatible with Cobalt Strike.☆26Updated 5 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆30Updated 5 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆21Updated 5 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆29Updated 3 years ago