The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
-
Updated
Jun 12, 2024 - C#
The RunPE program is written in C# to execute a specific executable file within another file's memory using the ProcessHollowing technique.
Proof of concept, example of process hollowing, generating reverse TCP shellcode. Conducted on Windows 10 64 Bit 22H2.
Lime Crypter Obfuscator Mod
Nim process hollowing loader
This repo contains a implimentation of the Process Hollowing tehcnique.
This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hollowing
Process hollowing C# shellcode runner that is FUD against Microsoft Defender as of October 7, 2023.
Evasive Golang Loader
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Penetration testing utility and antivirus assessment tool.
ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
Custom malware droppers written in multiple languages.
Hollow is a tool for implementing the process hollowing technique.
PE loader with various shellcode injection techniques
Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
x64/x86 shellcode injector
Various Process Injection Techniques
A shellcode runner / injector / hollower in Go, for windows
userland exec for Linux x86_64
Add a description, image, and links to the process-hollowing topic page so that developers can more easily learn about it.
To associate your repository with the process-hollowing topic, visit your repo's landing page and select "manage topics."