Repository navigation

#

runpe

aaaddress1 / RunPE-In-Memory 

Run a Exe File (PE Module) in memory (like an Application Loader)

runpepackerWindowspeloaderMalwarewin32
C++
922
5 年前
itm4n / VBA-RunPE 

A VBA implementation of the RunPE technique or how to bypass application whitelisting.

runpe
VBA
815
6 年前
hasherezade / demos 

Demos of various injection techniques found in malware

Malwarecode-injectiondll-injectionrunpeprocess-hollowing
C
792
4 年前
naksyn / PythonMemoryModule 

pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory

edr-evasionevasionHackingmemory-modulememorymodulePythonredteamredteam-toolsredteamingrunpe
Python
329
1 年前
siriusdeveloper / sirius-crypter 

Telegram: @siriusdeveloper

Malwareaes-encryptioncryptercrypter-defendercrypter-fudobfuscationprotectorrunpexor-crypter
C#
294
2 年前
hasherezade / chimera_pe 

ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports payload-side

pe-injectorrunpe
C
224
3 年前
TheNewAttacker64 / Theattacker-Crypter 

Tool to evade Antivirus With Different Techniques

crypterfudobfuscationundetectedbypass-antivirusrunpeShellfud-crypter
C#
190
2 年前
Maldev-Academy / MaldevAcademyLdr.2 

RunPE implementation with multiple evasive techniques

edr-evasionmimikatzrunpe
C
189
9 天前
adamhlt / Process-Hollowing 

Process Hollowing in C++ (x86 / x64) - Process PE image replacement

C++processwinapirunpe
C++
169
2 年前
DosX-dev / UPX-Patcher 

Make "upx -d" unpacking impossible!

packerpatcher安全upxobfuscatorprotectoreasy-to-useexecutablepatchWindowsmodmutationrunpeunpackingunpack
Visual Basic .NET
161
4 个月前
NYAN-x-CAT / CSharp-RunPE 

Hide malware behind a legit process C#

processrunpe
C#
125
6 年前
TalosSec / Cronos-Crypter 

Cronos Crypter is an simple example of crypter created for educational purposes.

crypterC#HackingobfuscationrunpepackerencryptionWindows
C#
102
1 年前
XaFF-XaFF / ZwProcessHollowing 

ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption

hacking-toolprocess-hollowingrunpeWindowsx64
C++
89
3 年前
itaymigdal / PichichiH0ll0wer 

Nim process hollowing loader

loaderpe-loaderpenetration-testingpenetration-testing-toolsprocess-hollowingprocess-injectionred-teamred-team-toolssyscallspayload-generatorrunpeedr-bypassedr-evasion
Nim
60
2 个月前
abdullah2993 / go-runpe 

execute a PE in the address space of another PE aka process hollowing

runpeprocess-hollowingmalware-developmentinjectionevasion
Go
59
4 年前
Paskowsky / DreamProtectorFree 

Simple protector to show how to run a payload without dropping it using RunPE Technique

C#protectorrunpecrypter
C#
35
8 年前
TheKevinWang / HellsRunPE 

RunPE using Hell's Gate technique.

runpeprocess-hollowingloader
C
32
5 年前
BelodedAleksey / go_libpeconv 

Golang version of https://github.com/hasherezade/libpeconv

runpe
Go
27
6 年前
ecpp / runpe-loader 

Advanced Windows application loader featuring secure authentication, automatic updates, and in-memory PE execution. Built with C++, ImGui, and DirectX 9.

AuthenticationC++directx9imguilicense-managementloaderpe-loaderrunpewin32Windows
C++
22
1 个月前
ghzcrlvct / Adrena 

Software Protector

CC++Cryptographyprotectionprotectorsafeguardcrypterrunpepacker
JavaScript
19
5 年前