#
ppid-spoofing
Here are 5 public repositories matching this topic...
Advanced shellcode loader with AES-256, EDR/AMSI/ETW bypass, indirect syscalls.
windows pentesting syscalls aes-encryption offensive-security malware-development apc red-team process-injection ppid-spoofing edr-bypass edr-evasion evasion-techniques
-
Updated
Dec 16, 2025 - C
The project consists of a service that utilizes advanced techniques to inject a Payload into its own process, specifically the Windows RuntimeBroker.exe
c windows system service assembly x64 malware windows-service malware-research malware-development anti-debugging ntdll earlybird anti-debugger ppid-spoofing syswhisper ntdll-unhooking dllblockpolicy
-
Updated
Jul 3, 2024 - C
C++ Windows Usermode Rootkit with C2 Framework, Privilege Esclation and Keylogger.
windows pentesting syscalls aes-encryption offensive-security malware-development apc red-team usermode rootkits process-injection ppid-spoofing edr-evasion usermode-rootkit
-
Updated
Dec 14, 2025 - Python
Improve this page
Add a description, image, and links to the ppid-spoofing topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the ppid-spoofing topic, visit your repo's landing page and select "manage topics."