process-injection

There are 12 repositories under process-injection topic.

• inceptor

  klezVirus / inceptor

  Template-Driven AV/EDR Evasion Framework

  obfuscationpinvokedinvokecode-injectionprocess-injectionav-bypassamsi-bypassav-evasionedr-bypasspe-packeramsi-evasionred-teamred-teamingav-edr-bypasspayload-generator
  Language:Assembly 1745

• thomasxm / BOAZ_beta

  Multilayered AV/EDR Evasion Framework

  boazcode-injectionobfuscationav-bypassav-edr-bypassav-evasionedr-bypassetw-bypasspayload-generatorpe-packerprocess-injectionred-teamingred-teaming-toolsred-reamantivirus-evasion
  Language:C++ 847

• itaymigdal / awesome-injection

  Centralized resource for listing and organizing known injection techniques and POCs

  awesome-listprocess-injection
  652

• alphaSeclab / injection-stuff

  PE Injection、DLL Injection、Process Injection、Thread Injection、Code Injection、Shellcode Injection、ELF Injection、Dylib Injection, including 400+Tools and 350+posts

  code-injectiondll-injectiondylib-injectionelf-injectionpe-injectionprocess-injectionshellcode-injectionthread-injection
  555

• Hagrid29 / PELoader

  PE loader with various shellcode injection techniques

  pe-loaderprocess-hollowingprocess-injectiondllmalwarepayloadpe-injector
  Language:C++ 437

• WesleyWong420 / RedTeamOps-Havoc-101

  Materials for the workshop "Red Team Ops: Havoc 101"

  active-directoryav-evasionedr-bypasshavocopsecprocess-injectionred-team-ops
  Language:C# 387

• christophetd / spoofing-office-macro

  :fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.

  office-macroparent-process-spoofingwindows-securityprocess-injectionwindows-internals
  Language:VBA 383

• KooroshRZ / Windows-DLL-Injector

  Some DLL Injection techniques in C++ implemented for both x86 and x64 windows OS processes

  cppdll-injectioneducational-projectmemory-hackingprocess-injectionsystem-hackingwindows
  Language:C++ 341
• ntqueueapcthreadex-ntdll-gadget-injection

  LloydLabs / ntqueueapcthreadex-ntdll-gadget-injection

  This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.

  process-injectionshellcodeshellcode-injection
  Language:C 259

• enkomio / ManagedInjector

  A C# DLL injection library

  csharpdll-injectiondll-injectordotnetinjectionprocess-controlprocess-injectionprocess-injectorreverse-engineeringreversing
  Language:C# 216

• reveng007 / ReflectiveNtdll

  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFucntion033 NtApi and No new thread via Fiber

  antivirusdropperedrevasionfiberimplantmalwarentdll-unhookingsystemfunction033process-injectionbypassbypass-antivirus
  Language:C 180

• gh0x0st / wanderer

  An open-source process injection enumeration tool written in C#

  enumeration-tooloffensive-securitypen-300process-injectionsecurity-tools
  Language:C# 173

• PI-Defender / pi-defender

  Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.

  anti-injectionanti-malwareantivirusblue-teamdefensedriverkernelmalwareprocess-injectionsecuritywindows
  Language:C++ 154

• tbhaxor / WinAPI-RedBlue

  Source code of exploiting windows API for red teaming series

  pentesteracademypentester-academywindowswindows-10red-teamblue-teamswinapiwin32apiexploitationprocess-listprocess-injection
  Language:C++ 150

• buzzer-re / Shinigami

  A dynamic unpacking tool

  malware-analysismalware-detectionmalware-researchprocess-injectionreverse-engineeringwindows
  Language:C++ 143

• Konis-Bros / espio

  Shellcode obfuscation tool to avoid AV/EDR.

  antivirus-evasioncppdll-unhookingobfuscationprocess-injectionpython
  Language:C++ 130

• voidvxvt / HellBunny

  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks

  direct-syscallsedr-evasionindirect-syscallsmaldevmalware-developmentmsvcnative-apintapiwindowsiat-camouflagepayload-encryptionprocess-injectionedr-bypassapi-hashingdlldll-sideloadingshellcode-injectionshellcode-loader
  Language:C 129

• ZeroMemoryEx / Shellcode-Injector

  simple shellcode injector

  process-hollowingprocess-injectionred-teamshellcode-injector
  Language:C++ 117

• neox41 / go-procinject

  Process Injection Techniques with Golang

  golanggoprocessinjectionprocess-injection
  Language:Go 81

• Fatmike-GH / DLLInjectionDetector

  A DLL Injection Detector for Windows.

  anticheatapi-hookingcode-injectiondll-injectiondll-injection-detectionexe-protectionexe-protectorhookhookinginjectioninjection-attackinjection-attacksprocess-injectionreverse-engineeringwindows
  Language:C++ 73

• Kr0ff / WinMalDev

  Various methods of executing shellcode

  malwareshellcodeshellcode-runnerprocess-injectionshellcode-injectionshellcode-loaderwindows
  Language:C 72

• itaymigdal / PartyLoader

  Threadless shellcode injection tool

  payload-generatorprocess-injectionthreadless-injection
  Language:Nim 67

• 0xlane / com-process-inject

  Process Injection via Component Object Model (COM) IRundown::DoCallback().

  process-injectionrustwindowsprocess-injectorredteam-tools
  Language:Rust 61

• itaymigdal / PichichiH0ll0wer

  Nim process hollowing loader

  edr-bypassedr-evasionloaderpayload-generatorpayload-injectorpe-loaderpenetration-testingpenetration-testing-toolsprocess-hollowingprocess-injectionred-teamred-team-toolsrunpesyscalls
  Language:Nim 60

• Apr4h / GetInjectedThreads

  C# Implementation of Jared Atkinson's Get-InjectedThread.ps1

  incident-responsememory-forensicsblueteamprocess-injection
  Language:C# 54

• 0dayNinja / Windows-x64-Processes-Injector

  0day Windows/x64 Inject All Processes With Meterpreter Reverse Shell Shellcode (655 bytes)

  0daywindowsprocess-injectionmeterpretershell-code
  Language:Assembly 51

• redeflesq / firewall-bypass

  PoC for downloading data by injecting into processes to evade firewalls

  downloaderfirewall-bypassmalwarepocprocess-injectionwindowsx86-64
  Language:C 36

• antifob / linux-prinj

  Linux process injection PoCs

  blueteamoffensive-securityprocess-injection
  Language:C 30

• En14c / Erebus

  Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster

  linuxlinux-system-programmingprocess-injectionsecurityviruself64elf-binarieselfcx64-assemblyproof-of-concept
  Language:C 30

• Suredials / RUSTVERSARY

  🦀 RUSTVERSARY: A comprehensive repository of tools and scripts for malware development practices.

  cybersecurityenumerationethical-hackingexploitationmalware-developmentpenetration-testingpentestingpost-exploitationprocess-injectionred-teamingrustsecurity-toolswindows-security
  Language:Rust 30

• Kara-4search / EarlyBirdInjection_CSharp

  Inject shellcode into process via "EarlyBird"

  earlybirdshellcodeinjectionprocess-injectionedrredteamcsharpbypassapc
  Language:C# 26

• Nero22k / Process-Injections-Techniques

  Variety of different process injections implemented in C++

  process-injectioncppmalwareevasionshellcodepython3
  Language:C++ 26

• 0xlane / process_ghosting

  ProcessGhosting 技术的 rust 实现版本

  pe-injectionpe-injectorpefileprocess-ghostingprocess-injectionprocess-injectorrustwindows
  Language:Rust 25

• jayo78 / basic-hooking

  Examples of basic windows API hooking techniques

  hookingwin32winapisandboxhackingapi-hookingprocess-injectiondll-injection
  Language:C++ 20

• Dos98 / ProcessInjectionTechniques

  Learning Various Process Injection Techniques

  dlldll-injectiondll-hookingdll-injectorprocess-injectionatombombingthread
  Language:C++ 17

• zimnyaa / nim-noload-dll-hollowing

  Unused DLL hollowing PoC in Nim

  dll-hollowingevasionnimprocess-injectionred-teamsyscalls
  Language:Nim 17