Process Injection Techniques Library
$349.99
Process Injection Library — 8 Windows Techniques
Documented source code for 8 techniques of code injection into Windows processes:
- 1. Classic DLL Injection — CreateRemoteThread + LoadLibrary. The baseline.
- 2. Process Hollowing — Create a suspended process, unmap its image, map your own.
- 3. APC Queue Injection — QueueUserAPC on an alertable thread of the target process.
- 4. Thread Hijacking — SuspendThread, modify RIP/EIP, ResumeThread.
- 5. Atom Bombing — Use the global atom table to write shellcode into the address space of the target.
- 6. Module Stomping — Load a legitimate DLL in the remote process, overwrite its .text section.
- 7. Direct Syscalls — NtCreateThreadEx, NtWriteVirtualMemory without going through ntdll (avoids EDR hooks).
- 8. Callback Injection — Abuse Windows callbacks (EnumWindows, CreateTimerQueueTimer) to execute shellcode.
Each technique includes: C/C++ source code, line-by-line comments, and notes on which EDRs detect each variant.