An implementation of the Process Hollowing technique.
☆16Dec 13, 2020Updated 5 years ago
Alternatives and similar repositories for Process-Hollowing
Users that are interested in Process-Hollowing are comparing it to the libraries listed below
Sorting:
- External Hooking ( Bypasss process byte patching checks | Injector included )☆22Mar 12, 2023Updated 2 years ago
- The modifyed cjson that can running on windows kernel☆15Mar 21, 2023Updated 2 years ago
- ☆16Apr 10, 2025Updated 10 months ago
- hkxiaoyu的windows c++应用层基础库☆12Sep 17, 2020Updated 5 years ago
- Inject dll to process in driver☆10Aug 27, 2024Updated last year
- Exploit Exercises for Security Researchers (arm, x86...)☆13May 10, 2019Updated 6 years ago
- Kernel-Mode driver and User-Mode application communication project☆12Jun 24, 2018Updated 7 years ago
- 基于UDP穿越非对称NAT建立P2P网络的Windows实现(UDP打洞)☆13Nov 6, 2019Updated 6 years ago
- windows user mode network library☆12Jan 13, 2026Updated last month
- Program to leak anti-virus behaviour and such☆14Apr 18, 2019Updated 6 years ago
- An example of Windows self-replicating malware.☆11Jan 16, 2023Updated 3 years ago
- ☆33Sep 24, 2021Updated 4 years ago
- Windows process injection methods☆18Jul 18, 2021Updated 4 years ago
- A lock-free, high-performance logging system designed for Windows kernel drivers��☆24Mar 11, 2025Updated 11 months ago
- Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process☆19Jul 8, 2022Updated 3 years ago
- A kernel-mode rootkit with remote control☆221Nov 13, 2020Updated 5 years ago
- With this RunPE you can easily inject your payload in any x86 or x64 program.☆15Jun 3, 2019Updated 6 years ago
- Execute an arbitrary command within the context of another process☆21Jun 28, 2019Updated 6 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆58Nov 4, 2021Updated 4 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- A simple packer working with all PE files which cipher your exe with a XOR implementation☆15Aug 10, 2020Updated 5 years ago
- ☆24Jul 15, 2023Updated 2 years ago
- BetaShield Windows x86 Ring3 Anticheat v2☆42Jan 11, 2017Updated 9 years ago
- Register a callback from a Manually mapped kernel module☆16Feb 1, 2022Updated 4 years ago
- Memory management library for Node.js (Windows/Linux).☆15Oct 21, 2022Updated 3 years ago
- Windows system repair tool☆18Jun 2, 2021Updated 4 years ago
- Static Library For Windows Drivers☆41Dec 13, 2025Updated 2 months ago
- 一个基于windows共享内存的进程间通信库☆21Oct 17, 2019Updated 6 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- Rootkit loader for your rootkit dll, x86/x64 system wide DLL injection (+appinit_dlls registry create) uses heavens gate☆22Jan 28, 2021Updated 5 years ago
- Process Hollowing for 32 bit and 64 bit☆79Nov 10, 2017Updated 8 years ago
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp…☆14May 25, 2025Updated 9 months ago
- An example of PE hollowing injection technique☆25Jun 28, 2019Updated 6 years ago
- Simple PE Packer Which Encrypts .text Section�☆50May 28, 2017Updated 8 years ago
- DarkRat source - beware untested source and resources.☆21Dec 7, 2019Updated 6 years ago
- A SOCKS5-configured syscall hook that allows transparent TCP proxying on Windows for IPv4 and IPv6.☆26Jul 9, 2021Updated 4 years ago
- Desktop application for remote PC control☆19Aug 3, 2021Updated 4 years ago
- Hacker Disassembler Engine - mirro☆26Jul 13, 2022Updated 3 years ago
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆28Sep 12, 2024Updated last year