Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
翻译 - Process Ghosting - 一种 PE 注入技术,类似于 Process Doppelgänging,但使用待删除文件而不是事务文件
My implementation of enSilo's Process Doppelganging (PE injection technique)
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
翻译 - Transacted Hollowing - 一种 PE 注入技术,混合了 ProcessHollowing 和 ProcessDoppelgänging
PE loader with various shellcode injection techniques
A more stealthy variant of "DLL hollowing"
翻译 - “ DLL空心化”的更隐蔽的变体
ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports payload-side
PE Binary Shellcode Injector - Automated code cave discovery, shellcode injection, ASLR bypass, x86/x64 compatible
Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
A process injection technique using only thread context manipulation
ProcessGhosting 技术的 rust 实现版本
MS Word , PPT Macros VBA payload Dropper tool ⏳
This python tool injects shellcode in Windows Program Executable to backdoor it with optional polymorphism.
The RunPE program is written in C# to execute a specific executable file within another files memory using the ProcessHollowing technique.
The RunPE program is written in C# to execute a specific executable file within another files memory using the ProcessHollowing technique.
