process-injection

Template-Driven AV/EDR Evasion Framework

Multilayered AV/EDR Evasion Framework

PE Injection、DLL Injection、Process Injection、Thread Injection、Code Injection、Shellcode Injection、ELF Injection、Dylib Injection, including 400+Tools and 350+posts

PE loader with various shellcode injection techniques

🐟 PoC of a VBA macro spawning a process with a spoofed parent and command line.

Materials for the workshop "Red Team Ops: Havoc 101"

Some DLL Injection techniques in C++ implemented for both x86 and x64 windows OS processes

Centralized resource for listing and organizing known injection techniques and POCs

This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.

A C# DLL injection library

An open-source process injection enumeration tool written in C#

A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFucntion033 NtApi and No new thread via Fiber

Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.

Source code of exploiting windows API for red teaming series

A dynamic unpacking tool

Shellcode obfuscation tool to avoid AV/EDR.

simple shellcode injector

Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks

Process Injection Techniques with Golang

Various methods of executing shellcode