rbmm / Hollowed-Process
☆25Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for Hollowed-Process
- Collect Windows telemetry for Maldev☆36Updated this week
- Self Delete DLL☆23Updated 8 months ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆13Updated 4 months ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- ☆21Updated 6 months ago
- Small tool to play with IOCs caused by Imageload events☆37Updated last year
- ☆22Updated 3 weeks ago
- really ?☆12Updated 8 months ago
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- Modify managed functions from unmanaged code☆49Updated 9 months ago
- Files for http://blog.deniable.org/posts/windows-callbacks/☆12Updated last year
- RunPE adapted for x64 and written in C, does not use RWX☆24Updated 5 months ago
- Extension functionality for the NightHawk operator client☆26Updated last year
- Repository of Microsoft Driver Block Lists based off of OS-builds☆38Updated 6 months ago
- Just another Process Injection using Process Hollowing technique.☆16Updated last year
- An example of COM hijacking using a proxy DLL.☆24Updated 3 years ago
- miscellaneous codes☆35Updated last year
- Simple and sane cryptographic wrapper library.☆26Updated last year
- API Hammering with C++20☆34Updated 2 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆17Updated last year
- Self delete DLL (2)☆14Updated 8 months ago
- Cobalt Strike notifications via NTFY.☆13Updated last month
- ☆26Updated 11 months ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆24Updated last year
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆28Updated 2 years ago
- Sniffing files generator☆19Updated this week
- Bunch of BOF files☆23Updated 8 months ago
- Extension functionality for the NightHawk operator client☆26Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆37Updated 10 months ago