OffensivePH
Process hijacker
A tool that utilizes an old driver to bypass user-mode access controls and inject malicious code into processes
OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
329 stars
13 watching
43 forks
Language: C
last commit: about 3 years ago driverinjectionioctlpost-exploitationppl
Related projects:
Repository | Description | Stars |
---|---|---|
kpcyrd/rshijack | A tool that hijacks TCP connections by injecting packets into existing connections to intercept data | 463 |
filosottile/otherport | A tool to redirect network connections to alternative ports. | 42 |
netero1010/rdphijack-bof | A tool for hijacking remote RDP sessions using the WinStationConnect API | 297 |
matterpreter/offensivecsharp | A collection of C# tooling and POCs for operating system exploitation and vulnerability assessment. | 1,381 |
hasherezade/hollows_hunter | Analyzes running processes to detect and dump malicious code | 2,036 |
cybercitizen7/ps1jacker | A tool for generating COM Hijacking payloads using Windows process hijacking techniques | 61 |
redsiege/aggressorassessor | A collection of Python scripts designed to simulate various phases of a cyber attack during a pen test or red team assessment. | 175 |
heppu/gkill | An interactive process killer tool for Linux and macOS that allows users to filter and kill processes using keyboard navigation. | 315 |
josh0xa/threadfire | A tool demonstrating thread hijacking and code injection in Win32 applications. | 173 |
octoberfest7/kdstab | A tool used to bypass Windows Defender by manipulating process integrity and privileges | 156 |
joshfaust/alaris | A low-level shellcode loader designed to bypass modern EDR systems and protect malware execution flows. | 888 |
icebearfriend/quickrundown | A tool that enhances characterization and research of processes on a host by providing a graphical overlay for the Cobalt Strike PS function. | 30 |
elfmaster/saruman | Injects full dynamic executables into process images with thread injection | 127 |
d4rk007/redghost | A post exploitation framework designed to assist in persistence, reconnaissance, and privilege escalation on Linux systems | 536 |
zerbea/hcxtools | Converts packet capture files to usable hashes for Hashcat or John the Ripper analysis. | 2,014 |