naksyn/ProcessStomping

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/naksyn/ProcessStomping)

naksyn / ProcessStomping

A variation of ProcessOverwriting to execute shellcode on an executable's section

☆148

Alternatives and similar repositories for ProcessStomping

Users that are interested in ProcessStomping are comparing it to the libraries listed below

Sorting:

Bl4ckM1rror / PEAs
View on GitHub
☆60Dec 15, 2023Updated 2 years ago
kleiton0x00 / Proxy-DLL-Loads
View on GitHub
A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
☆409Jan 11, 2026Updated last month
ewby / Mockingjay_BOF
View on GitHub
Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
☆158Nov 7, 2023Updated 2 years ago
Mr-Un1k0d3r / .NetConfigLoader
View on GitHub
.net config loader
☆348Nov 9, 2023Updated 2 years ago
CognisysGroup / HadesLdr
View on GitHub
Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
☆293Jul 15, 2023Updated 2 years ago
florylsk / NtRemoteLoad
View on GitHub
Remote Shellcode Injector
☆220Aug 27, 2023Updated 2 years ago
lsecqt / ThreadlessInject-C-Implementation
View on GitHub
This repository implements Threadless Injection in C
☆172Dec 23, 2023Updated 2 years ago
sokaRepo / CoercedPotatoRDLL
View on GitHub
Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
☆225Nov 23, 2023Updated 2 years ago
pard0p / CallstackSpoofingPOC
View on GitHub
C++ self-Injecting dropper based on various EDR evasion techniques.
☆427Feb 11, 2024Updated 2 years ago
BlackSnufkin / NovaLdr
View on GitHub
Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
☆258Jun 29, 2024Updated last year
florylsk / RecycledInjector
View on GitHub
Native Syscalls Shellcode Injector
☆266Jul 2, 2023Updated 2 years ago
0xEr3bus / PoolPartyBof
View on GitHub
A beacon object file implementation of PoolParty Process Injection Technique.
☆433Dec 21, 2023Updated 2 years ago
Maldev-Academy / RemoteTLSCallbackInjection
View on GitHub
Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
☆287Jan 21, 2024Updated 2 years ago
BlackSnufkin / GhostDriver
View on GitHub
yet another AV killer tool using BYOVD
☆305Dec 12, 2023Updated 2 years ago
lap1nou / CLR_Heap_encryption
View on GitHub
☆101Oct 7, 2023Updated 2 years ago
Maldev-Academy / Christmas
View on GitHub
PoC demonstrating a multi process injection chain aimed at remotely executing shellcode
☆260Jan 21, 2024Updated 2 years ago
CCob / ThreadlessInject
View on GitHub
Threadless Process Injection using remote function hooking.
☆809Sep 4, 2024Updated last year
outflanknl / unmanaged-dotnet-patch
View on GitHub
Modify managed functions from unmanaged code
☆53Feb 1, 2024Updated 2 years ago
reveng007 / DarkWidow
View on GitHub
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
☆776Jan 26, 2026Updated last month
Cracked5pider / LdrLibraryEx
View on GitHub
A small x64 library to load dll's into memory.
☆457Nov 6, 2023Updated 2 years ago
senzee1984 / InflativeLoading
View on GitHub
Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
☆325Apr 12, 2024Updated last year
decoder-it / TokenStealer
View on GitHub
☆162Oct 25, 2023Updated 2 years ago
MalwareTech / EDR-Preloader
View on GitHub
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
☆539Feb 13, 2024Updated 2 years ago
OtterHacker / CoffLoader
View on GitHub
☆60Jan 9, 2023Updated 3 years ago
OtterHacker / SetProcessInjection
View on GitHub
☆152Oct 2, 2023Updated 2 years ago
MalwareTech / EDRception
View on GitHub
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
☆203Dec 27, 2023Updated 2 years ago
Maldev-Academy / HellHall
View on GitHub
Performing Indirect Clean Syscalls
☆605Apr 19, 2023Updated 2 years ago
dmcxblue / SharpHIBP
View on GitHub
A C# Tool to gather information about email breaches
☆16Dec 21, 2023Updated 2 years ago
S1lkys / SharpKiller
View on GitHub
Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
☆351Aug 29, 2024Updated last year
JanielDary / ImmoralFiber
View on GitHub
Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
☆281Sep 18, 2024Updated last year
Kudaes / ADPT
View on GitHub
DLL proxying for lazy people
☆200Dec 1, 2025Updated 2 months ago
icyguider / LatLoader
View on GitHub
PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
☆307Dec 9, 2023Updated 2 years ago
Krypteria / AtlasLdr
View on GitHub
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
☆389Oct 8, 2024Updated last year
fortra / No-Consolation
View on GitHub
A BOF that runs unmanaged PEs inline
☆680Oct 23, 2024Updated last year
Maldev-Academy / MaldevAcademyLdr.1
View on GitHub
RunPE implementation with multiple evasive techniques (1)
☆380Sep 22, 2023Updated 2 years ago
SaadAhla / D1rkLdr
View on GitHub
Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…
☆322Aug 2, 2023Updated 2 years ago
ricardojoserf / WhoamiAlternatives
View on GitHub
Different methods to get current username without using whoami
☆186Feb 12, 2024Updated 2 years ago
rasta-mouse / CsWhispers
View on GitHub
Source generator to add D/Invoke and indirect syscall methods to a C# project.
☆190Mar 4, 2024Updated last year
naksyn / DojoLoader
View on GitHub
Generic PE loader for fast prototyping evasion techniques
☆244Jul 2, 2024Updated last year