process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread
☆31 · Jan 9, 2022 · Updated 4 years ago
Alternatives and similar repositories for process-hollowing
Users that are interested in process-hollowing are comparing it to the libraries listed below.
- Impersonate Windows tokens in Nim ☆23 · Aug 4, 2025 · Updated 8 months ago
- Generate Proxy DLLs in Rust ☆50 · Mar 2, 2026 · Updated last month
- various methods of making API calls ☆19 · Feb 1, 2025 · Updated last year
- Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT. ☆136 · Dec 8, 2025 · Updated 4 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB ☆24 · Jun 27, 2025 · Updated 9 months ago
- Dump Lsass Memory Using a Reflective Dll ☆14 · Feb 4, 2022 · Updated 4 years ago
- Shellcode loader with evasion capabilities written in Nim ☆16 · Jan 25, 2025 · Updated last year
- MacOS Stealer written in Rust. For Legal and Ethical Research Purposes Only. ☆25 · Jan 3, 2025 · Updated last year
- Nice try reading NTDLL from disk, nerd. ☆19 · Apr 18, 2022 · Updated 3 years ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal … ☆94 · Jan 2, 2026 · Updated 3 months ago
- Emulates the implementation of NtTerminateProcess to close PCHunter ☆15 · Mar 25, 2018 · Updated 8 years ago
- ☆55 · May 31, 2025 · Updated 10 months ago
- ClickForClickOnce - Generate configurable clickonce payloads ☆93 · Oct 10, 2025 · Updated 6 months ago
- Windows C++ Implant for Exploration C2 ☆45 · Jan 26, 2026 · Updated 2 months ago
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e… ☆43 · Mar 3, 2026 · Updated last month
- A C# Tool to gather information about email breaches ☆16 · Dec 21, 2023 · Updated 2 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials ☆61 · May 12, 2025 · Updated 11 months ago
- Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters. ☆46 · Aug 13, 2025 · Updated 7 months ago
- A C# project that builds a Web Application which redirects all HTTPS ☆26 · Feb 11, 2025 · Updated last year
- An improvement and a different approach to Mockingjay Self-Injection. ☆35 · May 21, 2024 · Updated last year
- Repository for the DEF CON 33 talk: Kill Chain Reloaded ☆82 · Aug 3, 2025 · Updated 8 months ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM". ☆88 · Apr 11, 2023 · Updated 3 years ago
- A small How-To on creating your own weaponized WSL file ☆125 · Jul 23, 2025 · Updated 8 months ago
- A collection of sample code used in some experiments with Sliver C2 ☆16 · Mar 28, 2023 · Updated 3 years ago
- Basic d3d11 nuklear implementation for internal game cheats. ☆16 · Jan 21, 2021 · Updated 5 years ago
- Nim Shellcode Injector ☆15 · Jan 24, 2021 · Updated 5 years ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally … ☆92 · Oct 10, 2022 · Updated 3 years ago
- NSecSoftBYOVD POC ☆58 · Feb 12, 2026 · Updated 2 months ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto… ☆14 · Apr 2, 2026 · Updated last week
- Misery Loader to bypass modern EDR solutions ☆18 · Dec 20, 2024 · Updated last year
- Loads unsigned drivers using CE's DBK driver ☆39 · Oct 19, 2023 · Updated 2 years ago
- A high-fidelity x86_64 polymorphic mutation engine focused on instruction-level fragmentation and context preservation. ☆111 · Jan 18, 2026 · Updated 2 months ago
- ShadowDropper is a utility for covertly delivering and executing payloads on a target system. ☆27 · Jul 4, 2025 · Updated 9 months ago
- 7 days of Red Teaming TTPs that your favorite tools may use to achieve a post exploitation goal ☆18 · Apr 17, 2021 · Updated 4 years ago
- Citrix Phishlet ☆24 · Feb 2, 2021 · Updated 5 years ago
- A portable bridge between your C2 infrastructure and Discord, built for quick and lightweight operations. ☆12 · Jun 3, 2025 · Updated 10 months ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr… ☆63 · Feb 11, 2024 · Updated 2 years ago
- This is the latest version of XenoRAT, updated with configurations and capable of bypassing all system securities. It will be maintained … ☆23 · Apr 16, 2025 · Updated 11 months ago
- ☆165 · May 5, 2025 · Updated 11 months ago