-
### Motivation
I am currently writing up a tool for my own software suite which uses process hollowing on Windows.
For that I need to do some WinAPI calls:
- CreateProcessW
- ZwUnmapViewOfSectio…
-
# Enhancement Proposal
In response to research on process tampering (Hollowing, Doppelgänging, Herpaderping), I would like to propose an enhancement to Process Hacker which inspects the coherency betw…
-
Realized that by using NtQueryInformationProcess and NtQueryInformationThread, we can get both the PEB base address of the process, and the entry point of any thread for any process. As a bonus, we ca…
-
I followed the instructions for the process hollowing code present in this repo, but when triggering my malware, I get the following error:
```bash
.\meter.hollow.exe …
```
-
When trying to execute `ProcessHollowing.exe`, there is always the same error message for me.
I have played with different _fake_ and _real_ parameters and tested it on Windows 10 and 11.
Example…
-
Hi! I was doing some experiments with some PEs with embedded resources: the generated payload seems to not account for them.
I have produced a minimal example to debug the issue with mingw (tweak `…
-
Hello, I've set up drakvuf sandbox with drakvuf compiled from source (not the bundle because I wanted the GNOME GUI).
By the way, I'm using Ubuntu 20.04 as host, and guest Windows 7 64 bit professiona…
-
# Background
There is a Go source code already available. The source code imports 3D STL surface meshes and stores the `index` and `vertex` buffers corresponding to the 3D STL surface mesh.
It's…
-
2.4.58.4
_Version of SuperSlicer used goes here (help->about)_
Win10
_What OS are you using, and state any version #s_
QUESTION:
Is there an OutPut variable for Printer PresetName so that I can…
-
There is an unhandled exception, System.ArgumentOutOfRangeException: Index is out of range.
The issue is on line 169 "uint rva = BitConverter.ToUInt32(dataBuf, (int)rvaOffset);"
Can you t…