Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
-
Updated
Mar 11, 2024 - C
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
POC of a better implementation of GetProcAddress for ntdll using binary search
Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
Add a description, image, and links to the pefile topic page so that developers can more easily learn about it.
To associate your repository with the pefile topic, visit your repo's landing page and select "manage topics."