fern89/ghostwriting-2 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

fern89/ghostwriting-2

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/fern89/ghostwriting-2)

Close

fern89 / ghostwriting-2View on GitHubMore

• External links
• Readme badge

A process injection technique using only thread context manipulation

☆42Dec 18, 2023Updated 2 years ago

Alternatives and similar repositories for ghostwriting-2

Users that are interested in ghostwriting-2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• fern89 / C2

  View on GitHub
  A basic C2 framework written in C
  ☆59Jul 7, 2024Updated last year
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆286Sep 18, 2024Updated last year
• c0de90e7 / GhostWriting

  View on GitHub
  GhostWriting Injection Technique.
  ☆200Mar 26, 2018Updated 8 years ago
• m4ul3r / writing_nimless

  View on GitHub
  Writing Nimless Nim - Slides and source for BSIDESKC 2024 talk.
  ☆86Jul 11, 2025Updated 10 months ago
• itaymigdal / PichichiH0ll0wer

  View on GitHub
  Nim process hollowing loader
  ☆63Jul 22, 2025Updated 10 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• S3cur3Th1sSh1t / nim-strenc

  View on GitHub
  string encryption in Nim
  ☆19Jun 15, 2024Updated last year
• akamai / Mirage

  View on GitHub
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆107Feb 25, 2025Updated last year
• AlSch092 / ModifyExports

  View on GitHub
  Research of modifying exported function names at runtime (C/C++, Windows)
  ☆18May 28, 2024Updated last year
• JayGLXR / RustySpy

  View on GitHub
  A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …
  ☆19Mar 6, 2025Updated last year
• NtDallas / KrakenMask

  View on GitHub
  Sleep obfuscation
  ☆276Dec 13, 2024Updated last year
• gerbsec / SmokeyObfuscator

  View on GitHub
  Rewrite to fit my needs
  ☆33Jul 20, 2024Updated last year
• lap1nou / CLR_Heap_encryption

  View on GitHub
  ☆103Oct 7, 2023Updated 2 years ago
• fern89 / runpe-x64

  View on GitHub
  RunPE adapted for x64 and written in C, does not use RWX
  ☆28May 18, 2024Updated 2 years ago
• xrombar / flower

  View on GitHub
  a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
  ☆111Mar 25, 2024Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• Teach2Breach / rekkoex

  View on GitHub
  ☆18Aug 8, 2024Updated last year
• hasherezade / thread_namecalling

  View on GitHub
  Process Injection using Thread Name
  ☆309Apr 18, 2025Updated last year
• gabriellandau / ShadowStackWalk

  View on GitHub
  Finding Truth in the Shadows
  ☆129Jan 26, 2023Updated 3 years ago
• ameenalkerdy / ETWShellcodeLoader

  View on GitHub
  Shellcode Loader Utilizing ETW Events
  ☆66Feb 26, 2025Updated last year
• Kudaes / Eclipse

  View on GitHub
  Activation Context Hijack
  ☆173May 4, 2026Updated 2 weeks ago
• Teach2Breach / moonwalk

  View on GitHub
  find dll base addresses without PEB WALK
  ☆163Jul 13, 2025Updated 10 months ago
• zarkones / BloodfangC2

  View on GitHub
  Modern PIC implant for Windows (64 & 32 bit)
  ☆107Jul 23, 2025Updated 10 months ago
• joaoviictorti / rustclr

  View on GitHub
  Host CLR and run .NET binaries using Rust
  ☆154Dec 23, 2025Updated 5 months ago
• nbaertsch / Shrike

  View on GitHub
  Hunting and injecting RWX 'mockingjay' DLLs in pure nim
  ☆61Dec 11, 2024Updated last year
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• SafeBreach-Labs / CortexVortex

  View on GitHub
  ☆81Apr 23, 2024Updated 2 years ago
• Allevon412 / BreadManModuleStomping

  View on GitHub
  ☆45Oct 16, 2023Updated 2 years ago
• 0xEr3bus / RdpStrike

  View on GitHub
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆251Jun 11, 2024Updated last year
• Teach2Breach / noldr

  View on GitHub
  Dynamically resolve API function addresses at runtime in a secure manner.
  ☆72Nov 11, 2025Updated 6 months ago
• pygrum / gimmick

  View on GitHub
  Section-based payload obfuscation technique for x64
  ☆64Aug 8, 2024Updated last year
• Kharos102 / interceptor

  View on GitHub
  Sample Rust Hooking Engine
  ☆34Apr 5, 2024Updated 2 years ago
• synacktiv / DLHell

  View on GitHub
  Local & remote Windows DLL Proxying
  ☆174Jun 17, 2024Updated last year
• EgeBalci / deoptimizer

  View on GitHub
  Evasion by machine code de-optimization.
  ☆427Jul 22, 2024Updated last year
• passthehashbrowns / VectoredExceptionHandling

  View on GitHub
  ☆109Aug 21, 2024Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• rasta-mouse / KerbApp

  View on GitHub
  ☆32Jun 1, 2024Updated last year
• itaymigdal / PartyLoader

  View on GitHub
  Threadless shellcode injection tool
  ☆68Aug 5, 2024Updated last year
• skelsec / anfs

  View on GitHub
  Asynchronous NFSv3 client in pure Python
  ☆30Jul 16, 2025Updated 10 months ago
• decoder-it / RelabelAbuse

  View on GitHub
  ☆63May 31, 2024Updated last year
• rtecCyberSec / Packer_Development

  View on GitHub
  Slides & Code snippets for a workshop held @ x33fcon 2024
  ☆282Jun 15, 2024Updated last year
• 0xv1n / RemoteSessionEnum

  View on GitHub
  Remotely Enumerate sessions using undocumented Windows Station APIs
  ☆118Aug 21, 2024Updated last year
• ricardojoserf / SharpNado

  View on GitHub
  Repository to gather the .NET malware I will be developing
  ☆18Mar 7, 2026Updated 2 months ago