go-procinject
Repository with some process injection techniques implemented in Golang.
For each technique, the program does the following steps:
- Create the target 32-bit process
C:\\Windows\\SysWOW64\\notepad.exein suspended and no window mode - Allocate RW memory to that target process
- Write the 32-bit shellcode into that target process
- Change the memory to RX
- Execute the MessageBox shellcode
Techniques
- CreateRemoteThread
- NtCreateRemoteThread
- QueueUserAPC
- NtQueueUserAPC
- RtlCreateUserThread
- SetThreadContext
- SetThreadContext with C code