Proof of concept, example of process hollowing, generating reverse TCP shellcode. Conducted on Windows 10 64 Bit 22H2.
Updated May 14, 2024 - C#
This repo contains an implementation of the Process Hollowing technique.
Implementation of process hollowing on x32.
The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
Hollow is a tool for implementing the process hollowing technique.
userland exec for Linux ARM v7
Process hollowing C# shellcode runner that is FUD against Microsoft Defender as of October 7, 2023.
Execution of the malicious code is masked under a legitimate process.
Custom malware droppers written in multiple languages.
A shellcode runner / injector / hollower in Go, for Windows
An implementation of the Process Hollowing technique.
process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread
Lime Crypter Obfuscator Mod
This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hollowing
Nim process hollowing loader
Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
userland exec for Linux x86_64
execute a PE in the address space of another PE aka process hollowing
ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption