Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

All Projects → antonioCoco → Mapping Injection

antonioCoco / Mapping Injection

Licence: mit

Just another Windows Process Injection

Programming Languages

assembly

5116 projects

Mapping-Injection

Mapping injection is a process injection technique that avoids the usage of common monitored syscall VirtualAllocEx, WriteProcessMemory and CreateRemoteThread.

With this technique you will have a different syscall pattern from the classic process injection that is:
VirtualAllocEx -> WriteProcessMemory -> CreateRemoteThread.
In this technique you will have the following syscall pattern:
OpenProcess() -> (CreateFileMapping() -> MapViewOfFile3() [current process] -> MapViewOfFile3() [target process]) x 2 times -> NtSetInformationProcess()

Requirements

Supported OS: Windows 10 / Windows Server 2016, version 1703 (build 10.0.15063) and above versions

Technical Description

https://splintercod3.blogspot.com/p/weaponizing-mapping-injection-with.html

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 221

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (0) 🔗