Alternatives and similar repositories for InfectPE:

Users that are interested in InfectPE are comparing it to the libraries listed below

• BreakingMalware / PowerLoaderEx
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆361Updated 7 years ago
• dismantl / ImprovedReflectiveDLLInjection
  An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security
  ☆319Updated 7 years ago
• Professor-plum / Reflective-Driver-Loader
  ☆396Updated 7 years ago
• hasherezade / chimera_pe
  ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…
  ☆218Updated last year
• peperunas / injectopi
  A set of tutorials about code injection for Windows.
  ☆309Updated 5 months ago
• jackullrich / ShellcodeStdio
  An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
  ☆501Updated 5 years ago
• nettitude / SimplePELoader
  In-Memory PE Loader
  ☆370Updated 5 years ago
• hasherezade / IAT_patcher
  Persistent IAT hooking application - based on bearparser
  ☆249Updated 2 years ago
• gpoulios / ROPInjector
  Patching ROP-encoded shellcodes into PEs
  ☆184Updated 7 years ago
• Cr4sh / WindowsRegistryRootkit
  Kernel rootkit, that lives inside the Windows registry values data
  ☆490Updated 7 years ago
• claudiouzelac / rootkit.com
  Mirror of users section of rootkit.com
  ☆289Updated 8 years ago
• conix-security / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆358Updated 9 years ago
• kgretzky / python-x86-obfuscator
  This is a **WIP** tool that performs shellcode obfuscation in x86 instruction set.
  ☆234Updated 8 years ago
• hryuk / Carberp
  ☆518Updated 6 years ago
• landhb / HideProcess
  A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
  ☆658Updated 5 years ago
• CylanceVulnResearch / ReflectiveDLLRefresher
  Universal Unhooking
  ☆317Updated 6 years ago
• Zer0Mem0ry / RunPE
  Code that allows running another windows PE in the same address space as the host process.
  ☆435Updated 8 years ago
• Spajed / processrefund
  An attempt at Process Doppelgänging
  ☆183Updated 7 years ago
• hasherezade / demos
  Demos of various injection techniques found in malware
  ☆791Updated 2 years ago
• tinysec / windows-syscall-table
  windows syscall table from xp ~ 10 rs4
  ☆351Updated 6 years ago
• rapid7 / ReflectiveDLLInjection
  Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…
  ☆222Updated last year
• OpenSecurityResearch / dllinjector
  dll injection tool that implements various methods
  ☆489Updated 12 years ago
• M00nRise / ProcessHider
  Post-exploitation tool for hiding processes from monitoring applications
  ☆728Updated last year
• hfiref0x / ZeroAccess
  ZeroAccess v3 toolkit
  ☆161Updated 7 years ago
• swwwolf / wdbgark
  WinDBG Anti-RootKit Extension
  ☆625Updated 4 years ago
• LloydLabs / Windows-API-Hashing
  This is a simple example and explanation of obfuscating API resolution via hashing
  ☆232Updated 4 years ago
• DarthTon / Polychaos
  PE permutation library
  ☆264Updated last year
• abhisek / Pe-Loader-Sample
  Proof of concept implementation of in-memory PE Loader based on ReflectiveDLLInjection Technique
  ☆150Updated 6 years ago
• hzqst / Syscall-Monitor
  Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+
  ☆726Updated 7 years ago
• mattifestation / PIC_Bindshell
  Position Independent Windows Shellcode Written in C
  ☆287Updated 6 years ago