runpe
There are 4 repositories under runpe topic.
aaaddress1 / RunPE-In-Memory
Run a Exe File (PE Module) in memory (like an Application Loader)
Language:C++ 930itm4n / VBA-RunPE
A VBA implementation of the RunPE technique or how to bypass application whitelisting.
Language:VBA 815hasherezade / demos
Demos of various injection techniques found in malware
Language:C 794naksyn / PythonMemoryModule
pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory
Language:Python 329ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports payload-side
Language:C 226TheNewAttacker64 / Theattacker-Crypter
Tool to evade Antivirus With Different Techniques
Language:C# 192- Process-Hollowing
adamhlt / Process-Hollowing
Process Hollowing in C++ (x86 / x64) - Process PE image replacement
Language:C++ 170 - UPX-Patcher
DosX-dev / UPX-Patcher
Make "upx -d" unpacking impossible!
Language:Visual Basic .NET 166 - Language:C# 125
TalosSec / Cronos-Crypter
Cronos Crypter is an simple example of crypter created for educational purposes.
Language:C# 102XaFF-XaFF / ZwProcessHollowing
ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
Language:C++ 89itaymigdal / PichichiH0ll0wer
Nim process hollowing loader
Language:Nim 60abdullah2993 / go-runpe
execute a PE in the address space of another PE aka process hollowing
Language:Go 59Paskowsky / DreamProtectorFree
Simple protector to show how to run a payload without dropping it using RunPE Technique
Language:C# 35- Language:C 32
BelodedAleksey / go_libpeconv
Golang version of https://github.com/hasherezade/libpeconv
Language:Go 27ecpp / runpe-loader
Advanced Windows application loader featuring secure authentication, automatic updates, and in-memory PE execution. Built with C++, ImGui, and DirectX 9.
Language:C++ 25- Language:JavaScript 19
- Language:C++ 18
ivkin25 / Process-Hollowing
An implementation of the Process Hollowing technique.
Language:C++ 16- Language:C++ 11
hidd3ncod3s / runpedmp
RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the API's i hook and to dump the memory while it is using RunPE/PH techniques.
Language:C++ 10CodiumAlgorithm / -Delphi-Process-Hollowing-RunPE-by-Jean-Pierre-LESUEUR
Delphi Process Hollowing, Updated.
Language:Pascal 5Watermwo / Simple-RunPE-Process-Hollowing
The RunPE program is written in C# to execute a specific executable file within another files memory using the ProcessHollowing technique.
Language:C# 3carboncryptt / CarbonCrypt
Carbon Crypter / Packer
- Language:C 2
C++ application that uses memory and code hooks to detect packers
Language:C++ 2TRDropperGen / Runpe-Process-Hollowing-Shellcode
process hollowing shellcode
Language:Visual Basic 6.0 2- Language:C 1
mm-rezaei / ProcessHollowing2
Implementation of the Process Hollowing technique for process injection (This is the second of three methods in the series)
Language:C++ 1Implementation of the Process Hollowing technique for process injection (This is the first of three methods in the series)
Language:C++ 0Implementation of the Process Hollowing technique for process injection (This is the third of three methods in the series)
Language:C++ 0- 0
- Language:C
