PPLDump_BOF
Process dumper
A tool for dumping the memory contents of a protected process on Windows
A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
135 stars
3 watching
23 forks
Language: C
last commit: about 3 years ago

Related projects:

Repository | Description | Stars |
---|---|---|
espressocake/process_protection_level_bof | A tool that helps operators determine the protection level of a process before attempting to access its memory | 51 |
espressocake/self_deletion_bof | BOF implementation of a research concept allowing for controlled deletion of processes | 169 |
espressocake/firewall_walker_bof | An exploit technique allowing interaction with Windows software firewall via COM interfaces. | 100 |
espressocake/dll-hijack-search-order-bof | A tool to enumerate the search order of DLL resolution and potentially gain information about a file's mutability. | 141 |
xforcered/credbandit | A proof-of-concept tool for dumping the memory of a process and sending it back through a custom communication channel. | 232 |
espressocake/needle_sift_bof | A tool for searching for specific strings within files using a needle-sift algorithm | 30 |
espressocake/defender_exclusions-bof | Tools to determine Windows Defender exclusions | 239 |
espressocake/dll_imports_bof | An enumeration tool to inspect PE files and extract information about loaded DLLs and their imported functions | 83 |
ghedo/pflask | A tool for creating isolated process environments on Linux | 200 |
outflanknl/findobjects-bof | An exploit tool that uses direct system calls to enumerate processes based on specific loaded modules or process handles | 266 |
glmcdona/process-dump | A tool to extract and analyze malware code from running Windows processes. | 1,651 |
citypw/lcamtuf-memfetch | A utility to dump all memory of a running process on demand | 40 |
alfarom256/bof-foreignlsass | A tool for duplicating an existing process's handle to LSASS, allowing dumping of the local session store. | 97 |
rasta-mouse/ppenum | A tool to determine the protection level of a process using a simple Beacon Object File (BOF) approach. | 104 |
espressocake/toggle_token_privileges_bof | A tool to add or remove specific privilege rights from the token of the current process | 52 |