A process overwriting its own PEB to make an illusion that it has been loaded from a different path.
☆100Jun 24, 2021Updated 4 years ago
Alternatives and similar repositories for process_chameleon
Users that are interested in process_chameleon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- My solutions for random crackmes and other challenges☆12Dec 23, 2019Updated 6 years ago
- A more stealthy variant of "DLL hollowing"☆365Mar 8, 2024Updated 2 years ago
- ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…☆230Mar 22, 2023Updated 3 years ago
- My implementation of enSilo's Process Doppelganging (PE injection technique)☆641Aug 30, 2022Updated 3 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆22Apr 13, 2018Updated 7 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- ☆84Aug 26, 2024Updated last year
- Set of antianalysis techniques found in malware☆132Aug 25, 2023Updated 2 years ago
- A ready-made template for a project based on libpeconv.☆52Mar 28, 2026Updated 2 weeks ago
- Archive of ransomware decryptors☆34Dec 7, 2017Updated 8 years ago
- Analysing and defeating PatchGuard universally☆35Nov 4, 2020Updated 5 years ago
- Decoders for 7ev3n ransomware☆17Oct 24, 2016Updated 9 years ago
- Demos of various (also non standard) persistence methods used by malware☆225Mar 5, 2023Updated 3 years ago
- A set of small utilities, helpers for PIN tracers☆38Feb 15, 2026Updated last month
- Шаблон полнофункционального драйвера и обёртки над ядерным API☆113Aug 28, 2016Updated 9 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A small library helping to parse commandline parameters (for C/C++)☆57Updated this week
- Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware☆59Aug 6, 2025Updated 8 months ago
- Execute an arbitrary command within the context of another process☆21Jun 28, 2019Updated 6 years ago
- Simple driver to register all available process, thread, image, Registry, and Object callbacks☆124Oct 5, 2017Updated 8 years ago
- Simple header only library to change return address on current stack frame.☆22Sep 4, 2016Updated 9 years ago
- ☆15Jul 22, 2024Updated last year
- ☆18Apr 4, 2019Updated 7 years ago
- Set of my small utils related to cryptography, encoding, decoding etc☆95Sep 1, 2025Updated 7 months ago
- Various shellcodes☆12Sep 1, 2020Updated 5 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Example of hijacking system calls via function pointer tables☆31Jun 26, 2021Updated 4 years ago
- A wrapper for capstone for bearparser☆16Oct 8, 2025Updated 6 months ago
- Software Distribution Service☆12Jul 2, 2015Updated 10 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Oct 17, 2018Updated 7 years ago
- findLoop - find possible encryption/decryption or compression/decompression code☆28Mar 30, 2019Updated 7 years ago
- Lightweight Portable Executable parsing library and a demo peParser application.☆81Jan 5, 2023Updated 3 years ago
- Converts a DLL into EXE☆815Jul 23, 2023Updated 2 years ago
- My solutions for HackSys Extreme Vulnerable Driver☆12Apr 22, 2018Updated 7 years ago
- a demo for x86/x64's paging memory management learning, convert a virtual address from ring3 to physical address in ring0☆19Aug 26, 2017Updated 8 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆23Feb 3, 2021Updated 5 years ago
- XEDParse emulator based on asmjit/asmtk.☆21Mar 22, 2024Updated 2 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆580Mar 8, 2024Updated 2 years ago
- Windows driver including couple different techniques for file removal when regular operation isn't possible.☆71Feb 11, 2016Updated 10 years ago
- Plugin for x64dbg to break on unresolved APIs.☆13Oct 4, 2017Updated 8 years ago
- pass game protect☆12Apr 26, 2014Updated 11 years ago
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆688Mar 11, 2024Updated 2 years ago