C++ application that uses memory and code hooks to detect packers
Updated Mar 12, 2016 - C++
Carbon Crypter / Packer
Implementation of the Process Hollowing technique for process injection (This is the second of three methods in the series)
Implementation of the Process Hollowing technique for process injection (This is the third of three methods in the series)
Implementation of the Process Hollowing technique for process injection (This is the first of three methods in the series)
Implementation of process hollowing on x32.
The RunPE program is written in C# to execute a specific executable file within another file's memory using the Process Hollowing technique.
Delphi Process Hollowing, Updated.
Builder for executable file that injects into legitimate processes
An implementation of the Process Hollowing technique.
Golang version of https://github.com/hasherezade/libpeconv
Lime Crypter Obfuscator Mod
Make "upx -d" unpacking impossible!
RunPE dump - I wrote this to have better control over the analysis of malware. I can stop and analyze malware when it uses some of the APIs I hook and dump the memory while it is using RunPE/PH techniques.
Nim process hollowing loader
Execute a PE in the address space of another PE, aka process hollowing
Software Protector