Template-Driven AV/EDR Evasion Framework (Assembly; updated Nov 3, 2023)
PE Injection, DLL Injection, Process Injection, Thread Injection, Code Injection, Shellcode Injection, ELF Injection, Dylib Injection, including 400+ tools and 350+ posts
Multilayered AV/EDR Evasion Framework
PE loader with various shellcode injection techniques
🐟 PoC of a VBA macro spawning a process with a spoofed parent and command line.
Materials for the workshop "Red Team Ops: Havoc 101"
Some DLL Injection techniques in C++ implemented for both x86 and x64 windows OS processes
This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.
Centralized resource for listing and organizing known injection techniques and POCs
A C# DLL injection library
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFunction033 NtApi and No new thread via Fiber
An open-source process injection enumeration tool written in C#
Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.
Source code of exploiting windows API for red teaming series
A dynamic unpacking tool
Shellcode obfuscation tool to avoid AV/EDR.
x64/x86 shellcode injector
Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
Process Injection Techniques with Golang
Various methods of executing shellcode