PPLDump_BOF

Process dumper

A tool for dumping the memory contents of a protected process on Windows

A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.

136 stars
3 watching
23 forks
Language: C
last commit: about 3 years ago

Related projects:

| Repository | Description | Stars |
|---|---|---|
| espressocake/process_protection_level_bof | A tool that helps operators determine the protection level of a process before attempting to access its memory | 51 |
| espressocake/self_deletion_bof | BOF implementation of a research concept allowing for controlled deletion of processes | 171 |
| espressocake/firewall_walker_bof | An exploit technique allowing interaction with Windows software firewall via COM interfaces. | 100 |
| espressocake/dll-hijack-search-order-bof | A tool to enumerate the search order of DLL resolution and potentially gain information about a file's mutability. | 141 |
| xforcered/credbandit | A proof-of-concept tool for dumping the memory of a process and sending it back through a custom communication channel. | 233 |
| espressocake/needle_sift_bof | A tool for searching for specific strings within files using a needle-sift algorithm | 30 |
| espressocake/defender_exclusions-bof | Tools to determine Windows Defender exclusions | 241 |
| espressocake/dll_imports_bof | An enumeration tool to inspect PE files and extract information about loaded DLLs and their imported functions | 83 |
| ghedo/pflask | A tool for creating isolated process environments on Linux | 197 |
| outflanknl/findobjects-bof | An exploit tool that uses direct system calls to enumerate processes based on specific loaded modules or process handles | 266 |
| glmcdona/process-dump | A tool to extract and analyze malware code from running Windows processes. | 1,662 |
| citypw/lcamtuf-memfetch | Utility to dump process memory of running processes on Linux systems. | 40 |
| alfarom256/bof-foreignlsass | A tool for duplicating an existing process's handle to LSASS, allowing dumping of the local session store. | 98 |
| rasta-mouse/ppenum | A tool to determine the protection level of a process using a simple Binary Object Formatter (BOF) approach. | 111 |
| espressocake/toggle_token_privileges_bof | A tool to add or remove specific privilege rights from the token of the current process | 52 |