PoCs and tools for investigation of Windows process execution techniques
-
Updated
Jun 11, 2024 - C#
PoCs and tools for investigation of Windows process execution techniques
A lightweight native DLL mapping library that supports mapping directly from memory
A manual system call library that supports functions from both ntdll.dll and win32u.dll
Hollow is a tool for implementing the process hollowing technique.
OBOE - Origami Binary for Objects and Executables
Add a description, image, and links to the windows-internals topic page so that developers can more easily learn about it.
To associate your repository with the windows-internals topic, visit your repo's landing page and select "manage topics."