Este projeto é uma implementação da técnica de evasão conhecida como Process Doppelganging. Esta técnica permite a execução de um binário malicioso (payload) sob o disfarce de um processo legítimo ou de um arquivo inexistente no disco, dificultando a detecção por soluções de segurança em geral.
Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
Process Injection using Thread Name
Implementation of the Process Injection technique for DLL file injection
Implementation of the Process Hollowing technique for process injection (This is the third of three methods in the series)
Implementation of the Process Hollowing technique for process injection (This is the second of three methods in the series)
Implementation of the Process Hollowing technique for process injection (This is the first of three methods in the series)
This project contains methodology of creating position independent code that is used to extract shellcode from the generated binary. Position independent shellcode could be injected in any process for evading defenses and creating backdoors.
This repo gives you an injector that bypasses static and dynamic analysis. The shellcodes that are injected must be encrypted with a key and decrypted at runtime to avoid detection.
Process inject technique "Thread hijacking" via csharp
MappingInjection via csharp
Add a description, image, and links to the processinjection topic page so that developers can more easily learn about it.
To associate your repository with the processinjection topic, visit your repo's landing page and select "manage topics."