transacted_hollowing
PE injector
An implementation of a memory-based PE injection technique for executing payloads in a target process
Transacted Hollowing - a PE injection technique, a hybrid between Process Hollowing and Process Doppelgänging
521 stars
19 watching
74 forks
Language: C
last commit: 11 months ago
Tags: code-injection, malware, pe-injector, pefile
Related projects:
Repository | Description | Stars |
---|---|---|
hasherezade/process_doppelganging | An implementation of a malware injection technique using PE injection to create and control malicious processes | 581 |
hasherezade/hollows_hunter | Analyzes running processes to detect and dump malicious code | 2,047 |
hasherezade/libpeconv | A C++ library that provides a set of helper functions for loading, manipulating, and dumping PE files. | 1,129 |
hasherezade/mal_unpack | A tool to unpack malicious code from packed executables using the PE-sieve technique. | 668 |
boku7/hollow | A tool that enables remote process shellcode execution using the Early Bird injection technique | 267 |
silva97/pei | Tools for injecting and manipulating code in PE executables | 30 |
hasherezade/pe-sieve | A tool for detecting and analyzing malicious code in executables | 3,157 |
hasherezade/bearparser | A C++ library for parsing Portable Executable files | 647 |
droberson/papa-shango | An assembler-based tool to inject shellcode into running processes on Linux using ptrace(), allowing for controlled modification of process behavior. | 5 |
hasherezade/pe-bear-releases | An open-source tool for analyzing and editing PE file formats | 772 |
egebalci/amber | Creates reflective PE files that can be executed in memory without being written to disk | 1,208 |
phra/pezor | A tool for obfuscating and packing executable files to evade antivirus detection and security measures | 1,869 |
elfmaster/saruman | A tool for injecting full dynamic executables into process images with thread injection | 128 |
plackyhacker/shellcode-injection-techniques | A collection of C# techniques for injecting malicious shellcode into processes | 450 |
hzllaga/jsloader | A tool that generates and embeds malicious shellcode in JavaScript to evade detection by antivirus software and ensure persistence after installation. | 357 |