runpe
There are 3 repositories under runpe topic.
hasherezade / demos
Demos of various injection techniques found in malware
Language:C 784itm4n / VBA-RunPE
A VBA implementation of the RunPE technique or how to bypass application whitelisting.
Language:VBA 778aaaddress1 / RunPE-In-Memory
Run a Exe File (PE Module) in memory (like an Application Loader)
Language:C++ 776naksyn / PythonMemoryModule
pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory
Language:Python 277ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports payload-side
Language:C 213TheNewAttacker64 / Theattacker-Crypter
Tool to evade Antivirus With Different Techniques
Language:C# 146- Language:C# 115
- Process-Hollowing
adamhlt / Process-Hollowing
Process Hollowing in C++ (x86 / x64) - Process PE image replacement
Language:C++ 95 TalosSec / Cronos-Crypter
Cronos Crypter is an simple example of crypter created for educational purposes.
Language:C# 92XaFF-XaFF / ZwProcessHollowing
ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
Language:C++ 75abdullah2993 / go-runpe
execute a PE in the address space of another PE aka process hollowing
Language:Go 51itaymigdal / PichichiH0ll0wer
Nim process hollowing loader
Language:Nim 43Paskowsky / DreamProtectorFree
Simple protector to show how to run a payload without dropping it using RunPE Technique
Language:C# 34sulealothman / MysteryLegacyPenetrationTools
Mystery Legacy Repo is for advanced penetration tools
Language:Visual Basic 33- Language:C 29
BelodedAleksey / go_libpeconv
Golang version of https://github.com/hasherezade/libpeconv
Language:Go 25Chainski / Chainski-Crypter
Lime Crypter Obfuscator Mod
Language:C# 23- Language:JavaScript 19
- Language:C++ 17
ivkin25 / Process-Hollowing
An implementation of the Process Hollowing technique.
Language:C++ 16- UPX-Patcher
DosX-dev / UPX-Patcher
Make "upx -d" unpacking impossible!
Language:Visual Basic .NET 13 hidd3ncod3s / runpedmp
RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the API's i hook and to dump the memory while it is using RunPE/PH techniques.
Language:C++ 10CodiumAlgorithm / -Delphi-Process-Hollowing-RunPE-by-Jean-Pierre-LESUEUR
Delphi Process Hollowing, Updated.
Language:Pascal 6- Language:C++ 6
C++ application that uses memory and code hooks to detect packers
Language:C++ 2carboncryptt / CarbonCrypt
Carbon Crypter / Packer
DevinAIDeveloper / DevinPE-ProcessHollowing-Example
DevinPE-ProcessHollowing-Example
Language:C# 1- Language:C 1
- Fud-Crypter-2024-Olympos-Builder
Olympossa / Fud-Crypter-2024-Olympos-Builder
Fullyundedectable Runtime Crypter Services
Language:C# 1
