Process Hollowing for 32 bit and 64 bit
☆79 Nov 10, 2017 Updated 8 years ago
Alternatives and similar repositories for ProcessHollowing32-64
Users that are interested in ProcessHollowing32-64 are comparing it to the libraries listed below
- A small commented POC for removing API hooks placed by AV/EDR. ☆34 Jun 12, 2020 Updated 5 years ago
- v1 completes parsing of the PE header, sections, and import table ☆11 Apr 16, 2018 Updated 7 years ago
- An implementation of the Process Hollowing technique. ☆16 Dec 13, 2020 Updated 5 years ago
- Executes 64bit code from a 32bit process ☆240 Jul 23, 2017 Updated 8 years ago
- Remote PE reflective injection with a simple reflective loader ☆32 Jun 28, 2019 Updated 6 years ago
- An example of PE hollowing injection technique ☆25 Jun 28, 2019 Updated 6 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption ☆92 Mar 23, 2023 Updated 2 years ago
- Register a callback from a Manually mapped kernel module ☆16 Feb 1, 2022 Updated 4 years ago
- GUI Application in C# to run and disassemble shellcode ☆36 Aug 3, 2017 Updated 8 years ago
- Convert native dll to shellcode, and support exported function ☆25 Feb 10, 2021 Updated 5 years ago
- AES Crypter for Society of Engineers Remote Access Trojan (RAT) Project Lead: Derek Ta Security Programmer: Taegan Warren ☆16 Nov 29, 2014 Updated 11 years ago
- ☆21 Mar 24, 2015 Updated 10 years ago
- Simple remote administration tool. Written in c++ and MASM. ☆18 May 16, 2018 Updated 7 years ago
- User-mode hook bypassing method ☆33 Aug 26, 2016 Updated 9 years ago
- ☆11 Feb 19, 2023 Updated 3 years ago
- Various Crypter Project ☆55 Feb 26, 2014 Updated 12 years ago
- Inject dll to process in driver ☆10 Aug 27, 2024 Updated last year
- execute a PE in the address space of another PE aka process hollowing ☆60 Dec 2, 2021 Updated 4 years ago
- This is a simple tool to remove the "Rich" header from binaries (EXE or DLL files) created by M$ development tools. ☆33 Feb 3, 2021 Updated 5 years ago
- ☆155 Aug 17, 2020 Updated 5 years ago
- A dynamic VMP dumper and import fixer, powered by VTIL. ☆44 Sep 3, 2020 Updated 5 years ago
- ☆37 May 9, 2019 Updated 6 years ago
- Inject unsigned DLL into Protected Process Light (PPL) ☆41 May 8, 2025 Updated 10 months ago
- With this RunPE you can easily inject your payload in any x86 or x64 program. ☆15 Jun 3, 2019 Updated 6 years ago
- Simple runtime crypter in C++. ☆43 Dec 8, 2014 Updated 11 years ago
- Hook system calls, context switches, page faults and more. ☆34 Jul 25, 2019 Updated 6 years ago
- Windows Simple Process Logger implemented as driver ☆18 Oct 27, 2017 Updated 8 years ago
- Framework for generating shellcode with GCC ☆18 Apr 7, 2025 Updated 11 months ago
- Win32 API hook detection ☆10 Oct 1, 2017 Updated 8 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original… ☆97 Sep 26, 2019 Updated 6 years ago
- This is a sample that shows how to leverage SetThreadContext for DLL injection ☆85 Sep 4, 2017 Updated 8 years ago
- Evasive Process Hollowing Techniques ☆142 Aug 16, 2020 Updated 5 years ago
- a program to detect reflective dll injection on a live machine ☆76 Dec 12, 2015 Updated 10 years ago
- ☆18 Aug 19, 2021 Updated 4 years ago
- ☆12 Apr 12, 2024 Updated last year
- ☆42 Mar 7, 2017 Updated 9 years ago
- Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems. ☆1,002 Jan 17, 2023 Updated 3 years ago
- A modern c++ implementation of windows heavens gate ☆246 Sep 19, 2020 Updated 5 years ago
- IDA script for vmprotect Windows Api address decoder ☆54 Jun 8, 2021 Updated 4 years ago