This technique leverages File Mapping and APC(s) to execute shellcode into another process. By leveraging file mapping we would not have to use various functions such as VirtualAllocEx and WriteProcessMemory to copy the shellcode into the remote process but instead we can just use QueueUserAPC to call the functions we want to reference and execute the shellcode in the file we want.
kangaru 🦘 Kangaru is an inversion of control container for C++11, C++14 and later. It provides many features to automate dependency injection and red
K55 - Linux x86_64 Process Injection Utility (C++11) About K55 (pronounced: "kay fifty-five") The K55 payload injection tool is used for injecting x86
a undetectable ios root access tool by modify odyssey, support sign disable & dylib injection, test on iphoneX(13.5.1 expolit by FreeTheSandbox), our
Transacted Hollowing Transacted Hollowing - a PE injection technique. A hybrid between Process Hollowing and Process Doppelgänging. More info here Cha
Process Ghosting This is my implementation of the technique presented by Gabriel Landau: https://www.elastic.co/blog/process-ghosting-a-new-executable
(cleaned up version here: https://github.com/xinbailu/DripLoader-Ops) DripLoader (PoC) Evasive shellcode loader for bypassing event-based injection de
CredInject Hello Dear Reader! Welcome to the CredInject repo -- This project is based on HoneyCred and uses the same method to inject credentials into
Spotify AdBlock Windows Spotify Ad Block, in C ! Build Open an issue with information related if any error occurs. mingw32-make all Tested gcc: # gcc
NoobDumper v2 A (mostly dll) dumper for CS:GO cheat loaders that use manual map injection method How to use this Inject the dumper into the loader ( x
Windows Process Injection Here are some popular methods used for process injection on the windows operating system. Conhost ExtraBytes PROPagate Servi
PageTableInjection Code Injection, Inject malicious payload via pagetables pml4. Introduction This is just a proof-of-concept of the page table inject
Plants vs. Zombies Online Battle This project has two original repositories: https://github.com/czs108/Plants-vs.-Zombies-Online-Battle https://github
external_warzone_cheat External warzone cheat with manual mapped driver (function hook), overlay (nvidia hijack), simple esp, no recoil Offsests are N
CosMapper Loads a signed kernel driver (signed with leaked cert) which allows you to map any driver to kernel mode without any traces of the signed /
TiEtwAgent - ETW-based process injection detection This project was created to research, build and test different memory injection detection use cases
The Memory Process File System (MemProcFS) is an easy and convenient way of viewing physical memory as files in a virtual file system.
Cobalt Strike BOF - Inject AMSI Bypass Cobalt Strike Beacon Object File (BOF) that bypasses AMSI in a remote process with code injection. Running inje
syringe - A DLL & Code Injection C++ library for Windows. syringe is a DLL & Code Injection C++ library for Windows that contains different techniques
ProcessVmAccess Two PoC of accessing process virtual memory via NT Kernel Detail You've never interested in accessing process virtual memory through N
368 Jan 3, 2023
57 Sep 5, 2022
58 Nov 22, 2021
430 Dec 24, 2022
547 Dec 28, 2022
7 Jun 8, 2022
1 Nov 2, 2021
22 Jul 21, 2022
1.4k Dec 28, 2022
179 Nov 28, 2022
71 Oct 14, 2021
109 Jan 2, 2023
157 Jan 2, 2023
187 Dec 20, 2022
1.7k Jan 2, 2023
307 Dec 28, 2022
5 Jul 28, 2022