Skip to content

Not-ISellStuff/Process-Hollowing

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
README.md
README.md
 
 
isell.bin
isell.bin
 
 
loader.c
loader.c
 
 
loader.h
loader.h
 
 
main.c
main.c
 
 

Repository files navigation

Process-Hollowing

Basic program written in c that starts a "legitimate" process and injects shell code (Process Hollowing)

This was not made to be used for anything, this is just an example.

The code extracts the shell code from the binary (isell.bin)

What is Process Hollowing?

Process Hollowing is a method used to avoid getting the attention of an anti-virus.
It starts a trusted process like notepad and makes it execute code

This is used in malware.
It injects code into a legitimate/trusted process in order to avoid being detected.

How To Compile

gcc -c loader.c -o loader.o
gcc main.c loader.o -o main.exe

About

Basic program written in c that injects shellcode into a "legitimate" process (Process Hollowing)

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages