Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
翻译 - Process Ghosting - 一种 PE 注入技术,类似于 Process Doppelgänging,但使用待删除文件而不是事务文件
PE Injection、DLL Injection、Process Injection、Thread Injection、Code Injection、Shellcode Injection、ELF Injection、Dylib Injection, including 400+Tools and 350+posts
Small "Pin To TaskBar" exe for Command Line, tested on Windows 10 Version 20H2 (Win10 19042.964). Reverse engineering of syspin.exe "PE injection into Progman" method.
execute PE in memory Filelessly
ProcessGhosting 技术的 rust 实现版本
PE File Code Cave Helper (Backdooring and/or Basic Section Obfuscation)
Explanation and POC of the Process Hollowing (Windows) technique, commonly used by malware to bypass security systems
Sample code for pe injection.
An wrapper app calling a child subprocess, allowing to ignore its crashes. Useful for building software with buggy tools