Skip to content
Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
C++ C Batchfile
Branch: master
Clone or download
Latest commit 9167b78 Aug 8, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
MsgBoxOnGetMsgProc Black Hat 2019 Release Aug 8, 2019
MsgBoxOnProcessAttach Black Hat 2019 Release Aug 8, 2019
Pinjector Black Hat 2019 Release Aug 8, 2019
TestProcess Black Hat 2019 Release Aug 8, 2019
.gitignore Initial commit Jul 23, 2019
LICENSE Black Hat 2019 Release Aug 8, 2019
PIDOF_EXPLORER.bat Black Hat 2019 Release Aug 8, 2019
Pinjectra.sln Black Hat 2019 Release Aug 8, 2019
README.md Black Hat 2019 Release Aug 8, 2019

README.md

Pinjectra

Pinjectra is a C/C++ library that implements Process Injection techniques (with focus on Windows 10 64-bit) in a "mix and match" style. Here's an example:

// CreateRemoteThread Demo + DLL Load (i.e., LoadLibraryA as Entry Point)
executor = new CodeViaCreateRemoteThread(
    new OpenProcess_VirtualAllocEx_WriteProcessMemory(
        (void *)"MsgBoxOnProcessAttach.dll",
        25,
        PROCESS_VM_WRITE | PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION,
        MEM_COMMIT | MEM_RESERVE,
        PAGE_READWRITE),
    LoadLibraryA
);

executor->inject(pid, tid);

It's also currently the only implementation of the "Stack Bomber" technique. A new process injection technique that is working on Windows 10 64-bit with both CFG and CIG enabled.

Pinjectra, and "Stack Bomber" technique released as part of the Process Injection Techniques - Gotta Catch Them All talk given at BlackHat USA 2019 conference and DEF CON 27 by Itzik Kotler and Amit Klein from SafeBreach Labs.

Version

0.1.0

License

BSD 3-Clause

You can’t perform that action at this time.