OffensivePH
Process hijacker
A tool that utilizes an old driver to bypass user-mode access controls and inject malicious code into processes
OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
329 stars
13 watching
43 forks
Language: C
last commit: about 3 years ago
Tags: driver, injection, ioctl, post-exploitation, ppl
Related projects:
Repository | Description | Stars |
---|---|---|
kpcyrd/rshijack | A tool that hijacks TCP connections by injecting packets into existing connections to intercept data | 463 |
filosottile/otherport | A tool to redirect network connections to alternative ports. | 42 |
netero1010/rdphijack-bof | A tool for hijacking remote RDP sessions using the WinStationConnect API | 297 |
matterpreter/offensivecsharp | A collection of C# tooling and POCs for operating system exploitation and vulnerability assessment. | 1,381 |
hasherezade/hollows_hunter | Analyzes running processes to detect and dump malicious code | 2,032 |
cybercitizen7/ps1jacker | A tool for generating COM Hijacking payloads using Windows process hijacking techniques | 61 |
redsiege/aggressorassessor | A collection of Python scripts designed to simulate various phases of a cyber attack during a pen test or red team assessment. | 175 |
heppu/gkill | An interactive process killer tool for Linux and macOS that allows users to filter and kill processes using keyboard navigation. | 315 |
josh0xa/threadfire | A tool demonstrating thread hijacking and code injection in Win32 applications. | 173 |
octoberfest7/kdstab | A tool used to bypass Windows Defender by manipulating process integrity and privileges | 156 |
joshfaust/alaris | A low-level shellcode loader designed to bypass modern EDR systems and protect malware execution flows. | 888 |
icebearfriend/quickrundown | A tool that enhances characterization and research of processes on a host by providing a graphical overlay for the Cobalt Strike PS function. | 30 |
elfmaster/saruman | Injects full dynamic executables into process images with thread injection | 127 |
d4rk007/redghost | A post exploitation framework designed to assist in persistence, reconnaissance, and privilege escalation on Linux systems | 536 |
zerbea/hcxtools | Converts packet capture files to usable hashes for Hashcat or John the Ripper analysis. | 2,014 |