Code injections

This repository contains 22 implementations of Host-Based Code Injection Attacks (HBCIAs).

PE injections

Feature	Classic	Process Doppelgänging	Process Hollowing	Transacted Hollowing	Process Ghosting
32 Bit	✔	✔	✔	✔	✔
64 Bit	✔	✔	✔	✔	✔
WoW64	✔	➖	✔	✔	➖
Windows 7	✔	✔	✔	✔	✔
Windows 10	✔	❌	✔	✔	✔

Feature	Classic	AppCertDLLs	AppInitDLLs	KnownDLLs Cache	SetWindowsHookEx	Shim
32 Bit	✔	✔	✔	➖	✔	➖
64 Bit	✔	✔	✔	✔	✔	✔
WoW64	✔	✔	✔	➖	✔	➖
Windows 7	✔	✔	✔	✔	✔	✔
Windows 10	✔	✔	✔	✔	✔	➖
Unpriviledged	✔	❌	❌	✔	✔	❌

Feature	Classic	Entrypoint	Extra Window Memory	GhostWriting	PROPagate	TLS Callback	Kernel Callback Table
32 Bit	✔	✔	✔	✔	✔	✔	✔
64 Bit	✔	✔	✔	✔	✔	✔	✔
WoW64	✔	✔	✔	✔	✔	✔	✔
Windows 7	✔	✔	✔	➖	✔	✔	✔
Windows 10	✔	✔	✔	✔	✔	✔	✔

Name		Name	Last commit message	Last commit date
Latest commit History 48 Commits
common		common
mitigation/evasion		mitigation/evasion
payload		payload
pe_injection		pe_injection
shellcode_injection		shellcode_injection
.gitignore		.gitignore
CMakeLists.txt		CMakeLists.txt
CMakeSettings.json		CMakeSettings.json
LICENSE		LICENSE
README.md		README.md