Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Demos of various injection techniques found in malware

PE loader with various shellcode injection techniques

A more stealthy variant of "DLL hollowing"

Penetration testing utility and antivirus assessment tool.

Various Process Injection Techniques

Evasive Golang Loader

simple shellcode injector

ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption

This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hollowing

userland exec for Linux x86_64

Nim process hollowing loader

Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping

execute a PE in the address space of another PE aka process hollowing

RunPE using Hell's Gate technique.

Lime Crypter Obfuscator Mod

A shellcode runner / injector / hollower in Go, for windows

Process hollowing C# shellcode runner that is FUD against Microsoft Defender as of October 7, 2023.

An implementation of the Process Hollowing technique.

Custom malware droppers written in multiple languages.