DoubleThreatSecurity / Threadboat
Licence: mit
Program Uses Thread Execution Hijacking To Inject Native Shell-code Into a Standard Win32 Application
Stars: ✭ 132
Programming Languages
cpp11
221 projects
Projects that are alternatives of or similar to Threadboat
Hercules
HERCULES is a special payload generator that can bypass antivirus softwares.
Stars: ✭ 526 (+298.48%)
Mutual labels: hacking, malware
Spytrojan keylogger
[Solo para programadores] Troyano espía | Keylogger solo para Windows, se replica en el sistema y se inicia automaticamente al iniciar sesión. | Envío de registro mediante [Base de Datos], [Gmail] o [BotTelegram].
Stars: ✭ 32 (-75.76%)
Mutual labels: hacking, malware
Hacktheworld
An Python Script For Generating Payloads that Bypasses All Antivirus so far .
Stars: ✭ 527 (+299.24%)
Mutual labels: hacking, malware
Richkware
Framework for building Windows malware, written in C++
Stars: ✭ 315 (+138.64%)
Mutual labels: hacking, malware
Inferno
🔥 Modern command line tool for malware creation on Windows
Stars: ✭ 105 (-20.45%)
Mutual labels: hacking, malware
Ghost
👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Virus' & Malware
Stars: ✭ 312 (+136.36%)
Mutual labels: hacking, malware
Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+449.24%)
Mutual labels: hacking, malware
Telegram Rat
Windows Remote Administration Tool via Telegram. Written in Python
Stars: ✭ 201 (+52.27%)
Mutual labels: hacking, malware
Python Ransomware
Python Ransomware Tutorial - YouTube tutorial explaining code + showcasing the ransomware with victim/target roles
Stars: ✭ 96 (-27.27%)
Mutual labels: hacking, malware
Dr0p1t Framework
A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Stars: ✭ 1,132 (+757.58%)
Mutual labels: hacking, malware
Reverse Engineering Tutorial
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 5,763 (+4265.91%)
Mutual labels: hacking, malware
Awesome Hacking Resources
A collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+8586.36%)
Mutual labels: hacking, malware
ThreadBoat
Program Uses Thread Execution Hijacking To Inject Native Shell-code Into a Standard Win32 Application
Stars: ✭ 162 (+22.73%)
Mutual labels: malware, threading
Xeexe Topantivirusevasion
Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable
Stars: ✭ 387 (+193.18%)
Mutual labels: hacking, malware
Goat
🐐 GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
Stars: ✭ 218 (+65.15%)
Mutual labels: hacking, malware
Thefatrat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
Stars: ✭ 5,944 (+4403.03%)
Mutual labels: hacking, malware
Networm
Python network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (+2.27%)
Mutual labels: hacking, malware
Antidebugging
A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 161 (+21.97%)
Mutual labels: hacking, malware
Pentesting Bible
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+6703.79%)
Mutual labels: hacking, malware
Awesome Hacking
Awesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+1265.15%)
Mutual labels: hacking, malware
ThreadBoat
Program uses Thread Hijacking to Inject Native Shellcode into a Standard Win32 Application.
About
I developed this small project to continue my experiences of different code injection methods and to allow RedTeam security professionals to utilize this method as a unique way to perform software penetration testing. With Thread hijacking, it allows the hijacker.exe program to susepend a thread within the target.exe program allowing us to write shellcode to that target thread, and later be executed (via; WriteProcessMemory(), SetThreadContext(), ResumeThread(), CreateThread()).
Example GIF (Credits To Endgame)
Usage
int main()
{
System sys;
Interceptor incp;
Exception exp;
sys.returnVersionState();
if (sys.returnPrivilegeEscalationState())
{
std::cout << "Token Privileges Adjusted\n";
}
if (DWORD m_procId = incp.FindWin32ProcessId((PCHAR)m_win32ProcessName))
{
incp.ExecuteWin32Shellcode(m_procId);
}
system("PAUSE");
return 0;
}
For Further Information On Thread Execution Hijacking
Click On The Link Below
https://capec.mitre.org/data/definitions/30.html
Environment
- Windows Vista+
- Visual C++
Libs
-
Winapi
- user32.dll
- kernel32.dll
-
ntdll.dll
Ethical Notice
This code was simply written to demonstrate an overlooked method to inject shellcode or a DLL into a Win32 program. This code is not to be used for malicous purposes. The author, Josh Schiavone, is not liable for misuse of this software. May God bless you all.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].