Topic: "process-injection"
klezVirus/inceptor
Template-Driven AV/EDR Evasion Framework
Language: Assembly - Size: 19.9 MB - Last synced at: 13 days ago - Pushed at: over 1 year ago - Stars: 1,658 - Forks: 271

thomasxm/BOAZ_beta
Multilayered AV/EDR Evasion Framework
Language: C++ - Size: 85.6 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 617 - Forks: 102

alphaSeclab/injection-stuff
PE Injection, DLL Injection, Process Injection, Thread Injection, Code Injection, Shellcode Injection, ELF Injection, Dylib Injection, including 400+ tools and 350+ posts
Size: 75.2 KB - Last synced at: about 2 months ago - Pushed at: almost 5 years ago - Stars: 524 - Forks: 144

christophetd/spoofing-office-macro
:fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.
Language: VBA - Size: 26.4 KB - Last synced at: 27 days ago - Pushed at: almost 5 years ago - Stars: 380 - Forks: 83

WesleyWong420/RedTeamOps-Havoc-101
Materials for the workshop "Red Team Ops: Havoc 101"
Language: C# - Size: 22.9 MB - Last synced at: 9 days ago - Pushed at: 7 months ago - Stars: 371 - Forks: 50

Hagrid29/PELoader
PE loader with various shellcode injection techniques
Language: C++ - Size: 1.51 MB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 304 - Forks: 53

KooroshRZ/Windows-DLL-Injector
Some DLL Injection techniques in C++ implemented for both x86 and x64 windows OS processes
Language: C++ - Size: 684 KB - Last synced at: over 1 year ago - Pushed at: about 3 years ago - Stars: 262 - Forks: 47

itaymigdal/awesome-injection
Centralized resource for listing and organizing known injection techniques and POCs
Size: 43 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 247 - Forks: 35

LloydLabs/ntqueueapcthreadex-ntdll-gadget-injection
This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.
Language: C - Size: 23.4 KB - Last synced at: 8 days ago - Pushed at: almost 2 years ago - Stars: 245 - Forks: 33

enkomio/ManagedInjector
A C# DLL injection library
Language: C# - Size: 4.92 MB - Last synced at: 14 days ago - Pushed at: almost 4 years ago - Stars: 212 - Forks: 33

ZeroMemoryEx/Orca 📦
Incomplete project
Language: C++ - Size: 629 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 186 - Forks: 33

reveng007/ReflectiveNtdll
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFunction033 NtApi and No new thread via Fiber
Language: C - Size: 23.3 MB - Last synced at: 14 days ago - Pushed at: about 2 years ago - Stars: 171 - Forks: 24

gh0x0st/wanderer
An open-source process injection enumeration tool written in C#
Language: C# - Size: 270 KB - Last synced at: 16 days ago - Pushed at: over 2 years ago - Stars: 170 - Forks: 16

PI-Defender/pi-defender
Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.
Language: C++ - Size: 3.25 MB - Last synced at: 1 day ago - Pushed at: over 2 years ago - Stars: 152 - Forks: 23

tbhaxor/WinAPI-RedBlue 📦
Source code of exploiting windows API for red teaming series
Language: C++ - Size: 300 KB - Last synced at: 12 months ago - Pushed at: over 2 years ago - Stars: 144 - Forks: 25

buzzer-re/Shinigami
A dynamic unpacking tool
Language: C++ - Size: 11.9 MB - Last synced at: 8 days ago - Pushed at: over 1 year ago - Stars: 134 - Forks: 11

Konis-Bros/espio
Shellcode obfuscation tool to avoid AV/EDR.
Language: C++ - Size: 2.23 MB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 121 - Forks: 15

voidvxvt/HellBunny
Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
Language: C - Size: 617 KB - Last synced at: 14 days ago - Pushed at: 4 months ago - Stars: 101 - Forks: 19

ZeroMemoryEx/Shellcode-Injector
x64/x86 shellcode injector
Language: C++ - Size: 1.71 MB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 101 - Forks: 19

Kr0ff/WinMalDev
Various methods of executing shellcode
Language: C - Size: 1.56 MB - Last synced at: 8 days ago - Pushed at: about 2 years ago - Stars: 69 - Forks: 8

neox41/go-procinject
Process Injection Techniques with Golang
Language: Go - Size: 191 KB - Last synced at: about 2 years ago - Pushed at: almost 5 years ago - Stars: 66 - Forks: 18

0xlane/com-process-inject
Process Injection via Component Object Model (COM) IRundown::DoCallback().
Language: Rust - Size: 1.04 MB - Last synced at: 11 days ago - Pushed at: over 2 years ago - Stars: 58 - Forks: 12

itaymigdal/PartyLoader
Threadless shellcode injection tool
Language: Nim - Size: 275 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 53 - Forks: 6

Apr4h/GetInjectedThreads
C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
Language: C# - Size: 111 KB - Last synced at: about 2 years ago - Pushed at: almost 4 years ago - Stars: 47 - Forks: 12

itaymigdal/PichichiH0ll0wer
Nim process hollowing loader
Language: Nim - Size: 2.56 MB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 46 - Forks: 11

En14c/Erebus
Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
Language: C - Size: 6.84 KB - Last synced at: 5 months ago - Pushed at: about 5 years ago - Stars: 29 - Forks: 5

redeflesq/firewall-bypass
Download data from the internet bypassing the firewall using process injection
Language: C - Size: 23.4 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 27 - Forks: 4

ZeroMemoryEx/CE_AC_CI_EX
Solving CE/AC Challenges using ASM/C++
Language: Assembly - Size: 27.3 KB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 26 - Forks: 6

Kara-4search/EarlyBirdInjection_CSharp
Inject shellcode into process via "EarlyBird"
Language: C# - Size: 26.4 KB - Last synced at: 19 days ago - Pushed at: over 3 years ago - Stars: 26 - Forks: 8

0xlane/process_ghosting
Rust implementation of the ProcessGhosting technique
Language: Rust - Size: 969 KB - Last synced at: 11 days ago - Pushed at: 6 months ago - Stars: 25 - Forks: 6

Nero22k/Process-Injections-Techniques
Variety of different process injections implemented in C++
Language: C++ - Size: 34.2 KB - Last synced at: 2 days ago - Pushed at: almost 4 years ago - Stars: 25 - Forks: 9

zimnyaa/nim-noload-dll-hollowing
Unused DLL hollowing PoC in Nim
Language: Nim - Size: 14.6 KB - Last synced at: 2 days ago - Pushed at: about 3 years ago - Stars: 17 - Forks: 3

Kara-4search/ThreadHijacking_CSharp
Process inject technique "Thread hijacking" via csharp
Language: C# - Size: 37.1 KB - Last synced at: 19 days ago - Pushed at: over 3 years ago - Stars: 14 - Forks: 2

joaoviictorti/processinjection-rs
Process Injection - Shellcode (Rust)
Language: Rust - Size: 3.91 KB - Last synced at: 6 days ago - Pushed at: over 1 year ago - Stars: 13 - Forks: 3

DamonMohammadbagher/NativePayload_Tinjection
Remote Thread Injection by C# + Delegate Techniques
Language: C# - Size: 690 KB - Last synced at: 1 day ago - Pushed at: almost 2 years ago - Stars: 12 - Forks: 3

Suredials/RUSTVERSARY
🦀 RUSTVERSARY: A comprehensive repository of tools and scripts for malware development practices.
Language: Rust - Size: 2.71 MB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 11 - Forks: 0

ivkin25/Process-Hollowing
An implementation of the Process Hollowing technique.
Language: C++ - Size: 88.9 KB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 11 - Forks: 5

DamonMohammadbagher/damonmohammadbagher.github.io
Language: HTML - Size: 147 MB - Last synced at: 1 day ago - Pushed at: about 1 year ago - Stars: 9 - Forks: 3

TartarusLabs/Expeditus
Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.
Language: C# - Size: 23.4 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 9 - Forks: 2

Maff1t/InjectionTracer
PINTool to help analyzing malware that uses process injection
Language: C++ - Size: 5.91 MB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 8 - Forks: 2

jayo78/basic-hooking
Examples of basic windows API hooking techniques
Language: C++ - Size: 12.7 KB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 8 - Forks: 1

gurkeow/WinMal
Advanced PowerShell-based red team implant along with a custom C2 (Command & Control) server
Size: 1.95 KB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 7 - Forks: 1

ricardojoserf/jeringuilla
Process injection framework in C#. It uses dynamic function loading using delegates and AES-encryption for strings and payloads
Language: C# - Size: 157 KB - Last synced at: 12 months ago - Pushed at: about 1 year ago - Stars: 7 - Forks: 1

DamonMohammadbagher/NativePayload_TId
Remote Thread Injection by C# Delegate
Language: C# - Size: 201 KB - Last synced at: 1 day ago - Pushed at: almost 2 years ago - Stars: 7 - Forks: 5

affix/rs-shellcode-runners
Running Shellcode using Rust
Language: Rust - Size: 14.6 KB - Last synced at: 6 days ago - Pushed at: over 1 year ago - Stars: 6 - Forks: 0

0xDeadcell/ProcessMarauder
ProcessMarauder is an advanced Python library for injecting DLLs into running processes.
Language: Python - Size: 2.17 MB - Last synced at: 3 days ago - Pushed at: over 2 years ago - Stars: 6 - Forks: 2

0xjbb/httpdropper
Simple HTTP Shellcode dropper, designed only to defeat defender
Language: C++ - Size: 25.4 KB - Last synced at: almost 2 years ago - Pushed at: about 3 years ago - Stars: 6 - Forks: 2

EmreOvunc/Process-Injection-Process-Hollowing-T1055.012
Execution of the malicious code is masked under a legitimate process.
Language: C++ - Size: 46.9 KB - Last synced at: almost 2 years ago - Pushed at: over 4 years ago - Stars: 6 - Forks: 3

geniuszly/GenBlueStacksInjector
BlueStacksInjector is a Python script designed to automate the injection of a payload into the startup directories of user profiles within a shared directory environment, such as BlueStacks.
Language: Python - Size: 5.86 KB - Last synced at: 15 days ago - Pushed at: 8 months ago - Stars: 5 - Forks: 0

the-antibody/autoclicker
An autoclicker DLL that can inject to any version of minecraft.
Language: C++ - Size: 32.2 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 5 - Forks: 1

cr-0w/kuronotori
⭐💉 process injector
Language: C++ - Size: 150 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 4 - Forks: 0

HellishPn/Win-Core-Processes-for-Blues
Windows Core Processes Specifications and How to Hunt Suspicious ones (MindMap)
Size: 282 KB - Last synced at: 2 months ago - Pushed at: about 3 years ago - Stars: 4 - Forks: 2

x0reaxeax/GhostWriting64
PoC implementation of the GhostWriting injection technique for x64 Windows
Language: C - Size: 43.9 KB - Last synced at: 6 days ago - Pushed at: 2 months ago - Stars: 3 - Forks: 0

R-Rothrock/oregano
PoC Linux process injection to hide execution of "benign" binary.
Language: C - Size: 59.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 3 - Forks: 0

superswan/memloader_inj-win
Inject remote shellcode or DLL file into process memory using FileMapping
Language: C++ - Size: 15.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 3 - Forks: 0

ahron-chet/Privilege-escaletion-using-vulnerability-on-Microsoft-teams-Reverse-shell-Password-stealer
Privilege escalation using vulnerability on Microsoft Teams by doing process injection and DLL proxying Reverse shell, Password stealer, jupyter notebook, token sniffer, ransomware based on my encryption algorithm
Language: PowerShell - Size: 3.65 MB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 3 - Forks: 0

antifob/linux-prinj
Linux process injection PoCs
Language: C - Size: 64.5 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 3 - Forks: 1

EthanTwofishBlackwell/SharedObject_Injector
Python builder which compiles and embeds a shared object into an executable which when run will inject the .so into a process and execute it whilst being all in memory and using gdb to inject.
Language: Python - Size: 53.7 KB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 2 - Forks: 1

fern89/clsbombing
A novel process injection technique using tagCLS based on atombombing
Language: C - Size: 5.86 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 2 - Forks: 0

humzak711/Linux-process-injector-gdb-dlopen Fork of EthanTwofishBlackwell/SharedObject_Injector
Builder written in Python which embeds an ELF into an executable which when run uses gdb to execute the ELF into the memory of another process. This tool does not require elevated privileges. Both shared object and executable ELFs are supported.
Language: Python - Size: 80.1 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 1 - Forks: 0

Cyb3rV1c/LowkeyRusty
Rust based process injection tool
Language: Rust - Size: 20.5 KB - Last synced at: 21 days ago - Pushed at: 4 months ago - Stars: 1 - Forks: 1

Jsmoreira02/Process_Injection
Injection of malicious code into legitimate Windows processes for evasion and simple malware to gain unauthorized access, using the Windows API. Serves as proof of concept or intrusion detection exercises.
Language: C++ - Size: 199 KB - Last synced at: about 1 month ago - Pushed at: 7 months ago - Stars: 1 - Forks: 0

at0mic-l1mbo/MalwareDev
Malware development using C programming language and Windows32 API's
Language: C - Size: 41 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 1

cyberok-org/php-hidden-webshell
Materials from the speech "How to protect yourself from hidden web shells"
Language: PHP - Size: 18.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 1

ricardojoserf/niidoru
Framework for Process Injection in Windows using Go
Language: Go - Size: 50.8 KB - Last synced at: 12 months ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

X-3306/DLLHijack-injection-BETAV
The "DLLHijack Injection" tool enables the injection of malicious DLLs into target processes, allowing for DLL hijacking attacks. This technique can be used to exploit vulnerable applications by replacing legitimate DLLs with malicious ones, potentially leading to unauthorized access, data manipulation, or system compromise.
Language: C++ - Size: 5.86 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0

ricardojoserf/non-ms-binaries
Code snippet to create a process using the "PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON" flag
Language: C# - Size: 41 KB - Last synced at: 12 months ago - Pushed at: about 2 years ago - Stars: 1 - Forks: 1

ahron-chet/IntelliRAT-The-Powered-Fileless-Remote-Access-Trojan
Language: PowerShell - Size: 27.2 MB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 1 - Forks: 0

Princekin/process-doppelganging
Process doppelganging c# implementation (NOT FINISHED)
Language: C# - Size: 5.86 KB - Last synced at: almost 2 years ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0

talha/shellcode-exec
shellcode execution using vanilla techniques
Language: Python - Size: 3.91 KB - Last synced at: about 2 years ago - Pushed at: about 5 years ago - Stars: 1 - Forks: 0

llIIllIIllIIll/Process-Injection
Language: C - Size: 39.1 KB - Last synced at: over 1 year ago - Pushed at: over 5 years ago - Stars: 1 - Forks: 1

lennihein/PG 📦
PG ITSi: ProcessInjection
Language: C - Size: 10.1 MB - Last synced at: about 2 years ago - Pushed at: almost 6 years ago - Stars: 1 - Forks: 0

Malforge-Maldev-Public-Organization/Process-Code-Injection
A simple implementation of process code injection. This demonstrates injecting shellcode into a remote process, using basic Windows API functions for process manipulation.
Size: 3.91 KB - Last synced at: about 2 hours ago - Pushed at: about 2 hours ago - Stars: 0 - Forks: 0

WardWaz/DLL-Injector-With-Driver
A driver-based DLL injection tool for Windows that targets specific processes (like target.exe) to inject custom DLLs with error handling and customizable settings.
Language: C - Size: 796 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

N3M3S1Spy/InjectionLab
InjectionLab is an educational toolkit showcasing various Windows code injection techniques. It provides well-documented examples for security researchers and defenders to explore process injection, memory manipulation, and detection strategies.
Language: C++ - Size: 66.4 KB - Last synced at: 11 days ago - Pushed at: 15 days ago - Stars: 0 - Forks: 0

bickhighcone935/Extreme-Injector-Tool-2025
Extreme Injector Tool - Versatile Injection Utility
Size: 0 Bytes - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

alimardon51pony/Extreme-Injector-Tool-2025
Extreme Injector Tool - Versatile Injection Utility
Size: 6.84 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

basedBaba/malwareDevelopment
Simple malware samples developed using C and Win32API utilising process injection techniques like shellcode injection and dll injection which involve injecting malicious shellcode into benign processes
Language: C - Size: 19.5 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

Trn44/Process-Hollowing-POC
Proof of concept, example of process hollowing, generating reverse TCP shellcode. Conducted on Windows 10 64 Bit 22H2.
Language: C# - Size: 7.81 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 0 - Forks: 0

gegestalt/Word-Keylogger-DLL-process-injection
Using DLL process injection to use the input on a Word document to be monitored on the attacker's console
Language: C++ - Size: 8.79 KB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 0 - Forks: 0

dexmoh/CLI-DLL-Injector
A CLI DLL injector written in C++ for x86 and x64 architectures.
Language: C++ - Size: 28.3 KB - Last synced at: about 2 months ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

Val-Resh/ProcessInjectionTechniques
Process injection techniques written in C++ based on MITRE ATT&CK techniques. This project was created for learning purposes.
Language: C++ - Size: 19.5 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

selftaught/YaDi
Yet another DLL injector
Language: C# - Size: 4.46 MB - Last synced at: 3 days ago - Pushed at: over 3 years ago - Stars: 0 - Forks: 0

Commandcracker/CheatBox
CheatBox is currently only a DLL injector. The plan for this project is that CheatBox will become a tool like Cheat Engine with a QT interface. Also, some features like automatic game injections are planned.
Language: C++ - Size: 8.79 KB - Last synced at: about 2 months ago - Pushed at: over 4 years ago - Stars: 0 - Forks: 0

jsmonkey/node-win-process-injector
Node.js bindings package 📦 for a process injector
Language: C++ - Size: 3.91 KB - Last synced at: about 2 years ago - Pushed at: about 7 years ago - Stars: 0 - Forks: 0
