Awesome
所有收集类项目
Injection
- PE注入、DLL注入、进程注入、线程注入、代码注入、Shellcode注入、ELF注入、Dylib注入,当前包括400+工具和350+文章,根据功能进行了粗糙的分类
- English Version
目录
- PE注入 -> (9)工具 (6)文章
- DLL注入
- 进程注入 -> (48)工具 (92)文章
- 线程注入 -> (1)工具 (9)文章
- 代码注入 -> (47)工具 (143)文章
- Shellcode注入 -> (13)工具 (26)文章
- ELF注入 -> (7)工具 (8)文章
- Dylib注入 -> (5)工具 (1)文章
- Android -> (21)工具 (10)文章
- 其他 -> (190)工具 (2)文章
<a id="81a3947baa3f99adaf73a8f9766e48fa"></a>PE注入
<a id="2642c767c5d89e80c90310fb74e6edb3"></a>工具
- [535星][20d] [C] jondonym/peinjector peinjector - MITM PE file infector
- [407星][5m] [Assembly] hasherezade/pe_to_shellcode 将PE文件转换为Shellcode
- [230星][3y] [C++] secrary/infectpe Inject custom code into PE file [This project is not maintained anymore]
- [220星][2y] [C++] bromiumlabs/packerattacker C++ application that uses memory and code hooks to detect packers
- [196星][30d] [Py] antonin-deniau/cave_miner Search for code cave in all binaries
- [126星][3y] [C++] gpoulios/ropinjector 将ROP编码的shellcode打补丁到PE文件中
- [119星][16d] [C] hasherezade/chimera_pe ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports payload-side
- [119星][16d] [C] hasherezade/chimera_pe 一种PE注入器类型-可替代:RunPE、ReflectiveLoader等)-用于手动加载EXE的模板,加载时导入有效负载端
- [18星][2y] [Py] ohjeongwook/srdi
<a id="f7498d4f9350180b46ad63bedae4ea1b"></a>文章
- 2019.01 [fuzzysecurity] Powershell PE Injection: This is not the Calc you are looking for!
- 2018.09 [andreafortuna] Some thoughts about PE Injection
- 2015.09 [n0where] MITM PE file infector: PEInjector
- 2014.04 [sevagas] PE injection explained
- 2011.10 [pediy] [原创]感染PE增加导入项实现注入
- 2011.04 [codereversing] Writing a File Infector/Encrypter: PE File Modification/Section Injection (2/4)
<a id="4df0a2fb37f3cafbdaef103e982a1b0a"></a>DLL注入
<a id="4ba9c31b7264396cd7666e6b4a29b3dd"></a>集合
- [85星][3y] [C++] benjaminsoelberg/reflectivepeloader Reflective PE loader for DLL injection
<a id="f7a55b191aab1cb7a57fe44d94b54e1c"></a>工具
- [1121星][7y] [C] stephenfewer/reflectivedllinjection 反射DLL注入:一种库注入技术,其中使用反射编程的概念来执行库从内存到主机进程的加载
- [1093星][11d] [C] fdiskyou/injectallthethings 实现了多个DLL注入技术的单Visual Studio项目
- [747星][10m] [C++] darthton/xenos Windows DLL 注入器
- [635星][7m] [PS] monoxgas/srdi Shellcode实现的反射DLL注入。将DLL转换为位置无关的Shellcode
- [489星][4m] [C#] akaion/bleak Windows原生DLL注入库,支持多种注入方法
- [385星][14d] [C++] opensecurityresearch/dllinjector 实现各种方法的dll注入工具
- [382星][13d] [C] wbenny/injdrv 使用APC将DLL注入用户模式进程的Windows驱动程序
- [277星][2y] [C++] gellin/teamviewer_permissions_hook_v1 可注入的c++ dll,它使用裸内联连接和直接内存修改来更改您的TeamViewer权限
- [268星][3y] [C++] professor-plum/reflective-driver-loader 反射内核驱动注入,一种基于反射DLL注入的注入技术,绕过Windows驱动强制签名
- [227星][10d] [C++] wunkolo/uwpdumper DLL和注入器,用于在运行时转储UWP应用程序,以绕过加密的文件系统保护
- [197星][2y] [C] sud01oo/processinjection 一些进程注入方法的实现及分析
- [190星][10d] [C++] hzphreak/vminjector 使用直接内存操作来绕过在VMware Workstation / Player上运行的主要操作系统的OS登录身份验证屏幕
- [185星][19d] [C++] jonatan1024/clrinject 将 C#EXE 或 DLL 程序集注入任意CLR 运行时或者其他进程的 AppDomain
- [178星][1m] [Py] infodox/python-dll-injection Python工具包,用于将DLL文件注入到Windows上运行的进程中
- [177星][11m] [C++] strivexjun/driverinjectdll 使用驱动全局注入dll,可以隐藏dll模块
- [146星][4y] [C] dismantl/improvedreflectivedllinjection 原反射DLL注入技巧的升级版:使用bootstrap shell代码(x86或x64),从反射加载器调用DLL的任何导出
- [113星][2m] [C] rsmusllp/syringe 一个通用的DLL和代码注入工具
- [110星][7y] [C++] abhisek/pe-loader-sample 基于反射DLL注入技术的内存PE加载器
- [87星][2m] [C] countercept/doublepulsar-usermode-injector 使用 DOUBLEPULSAR payload 用户模式的 Shellcode 向其他进程注入任意 DLL
- [86星][3y] [C] zerosum0x0/threadcontinue 使用SetThreadContext()和NtContinue()的反射DLL注入
- [82星][6m] [C++] nefarius/injector Command line utility to inject and eject DLLs
- [73星][4m] [C] danielkrupinski/memject Simple Dll injector loading from memory. Supports PE header and entry point erasure. Written in C99.
- [62星][15d] [Py] psychomario/pyinject 一个python模块,帮助将shellcode/ dll注入到windows进程中
- [61星][3y] [C] arvanaghi/windows-dll-injector 一个基本的Windows DLL注入器在C使用CreateRemoteThread和LoadLibrary
- [59星][3y] [C++] azerg/remote_dll_injector Stealth DLL injector
- [56星][1y] [C] rapid7/reflectivedllinjection 一种库注入技术,其中使用反射编程的概念将库从内存加载到主机进程中。
- [53星][5m] [C] adrianyy/keinject Kernel LdrLoadDll injector
- [52星][5m] [C] nccgroup/ncloader A session-0 capable dll injection utility
- [52星][3y] [C++] zer0mem0ry/standardinjection A simple Dll Injection demonstration
- [51星][19d] [C++] papadp/reflective-injection-detection a program to detect reflective dll injection on a live machine
- [50星][1y] [C] realoriginal/reflective-rewrite Attempt to rewrite StephenFewers Reflective DLL Injection to make it a little more stealthy. Some code taken from Meterpreter & sRDI. Currently a work in progress.
- [49星][3y] [C++] zodiacon/dllinjectionwiththreadcontext This is a sample that shows how to leverage SetThreadContext for DLL injection
- [42星][3y] [C++] zer0mem0ry/manualmap A Simple demonstration of manual dll injector
- [38星][26d] [C++] rolfrolles/wbdeshook DLL-injection based solution to Brecht Wyseur's wbDES challenge (based on SysK's Phrack article)
- [38星][2m] [Assembly] danielkrupinski/inflame User-mode Windows DLL injector written in Assembly language (FASM syntax) with WinAPI.
- [37星][4m] [C++] nanoric/pkn pkn game hacking项目核心:进程管理、内存管理和DLL注入
- [36星][7m] [C++] blole/injectory command-line interface dll injector
- [33星][3m] [C++] notscimmy/libinject Currently supports injecting signed/unsigned DLLs in 64-bit processes
- [31星][4m] [Py] fullshade/poppopret-nullbyte-dll-bypass 绕过一个空字节在一个popp - popp - retn地址为利用本地SEH溢出通过DLL注入的方法
- [30星][6m] [C++] psmitty7373/eif Evil Reflective DLL Injection Finder
- [29星][4m] [C++] m-r-j-o-h-n/swh-injector An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.
- [29星][4y] [C++] stormshield/beholder-win32 A sample on how to inject a DLL from a kernel driver
- [28星][4m] [Py] fullshade/py-memject A Windows .DLL injector written in Python
- [27星][6m] [HTML] flyrabbit/winproject Hook, DLLInject, PE_Tool
- [27星][4m] [C] ice3man543/zeusinjector An Open Source Windows DLL Injector With All Known Techniques Available
- [27星][5y] [C] olsut/kinject-x64 Kinject - kernel dll injector, currently available in x86 version, will be updated to x64 soon.
- [27星][5m] [C] sqdwr/loadimageinject LoadImage Routine Inject Dll
- [25星][1y] [C#] enkomio/managedinjector A C# DLL injection library
- [25星][6y] [C] whyallyn/paythepony 使用反射DLL注入库注入到远程进程,加密和要求文件的赎金,并造成我的小马疯狂的系统。
- [24星][2m] [C#] tmthrgd/dll-injector Inject and detour DLLs and program functions both managed and unmanaged in other programs, written (almost) purely in C#. [Not maintained].
- [21星][3y] [C] al-homedawy/injector A Windows driver used to facilitate DLL injection
- [21星][5y] [C] nyx0/dll-inj3cti0n Another dll injection tool.
- [21星][29d] [C++] coreyauger/slimhook Demonstration of dll injection. As well loading .net runtime and calling .net code. Example hijacking d3d9 dll and altering rendering of games.
- [17星][12m] [C] strobejb/injdll DLL Injection commandline utility
- [17星][5m] [C#] cameronaavik/ilject Provides a way which you can load a .NET dll/exe from disk, modify/inject IL, and then run the assembly all in memory without modifying the file.
- [15星][2y] [C] ntraiseharderror/phage Reflective DLL Injection style process infector
- [15星][3y] [C] portcullislabs/wxpolicyenforcer Injectable Windows DLL which enforces a W^X memory policy on a process
- [14星][4m] [C#] ulysseswu/vinjex A simple DLL injection lib using Easyhook, inspired by VInj.
- [13星][1y] [C++] matrix86/wincodeinjection Dll Injection and Code injection sample
- [13星][4y] [C++] spl0i7/dllinject Mineweeper bot by DLL Injection
- [12星][4m] [C++] sherazibrahim/dll-injector 一个dll注入器
- [11星][9m] [C#] ihack4falafel/dll-injection C# program that takes process id and path to DLL payload to perform DLL injection method.
- [9星][18d] [C++] pfussell/pivotal A MITM proxy server for reflective DLL injection through WinINet
- [9星][9m] [C] userexistserror/injectdll Inject a Dll from memory
- [9星][1y] [Assembly] dentrax/dll-injection-with-assembly DLL Injection to Exe with Assembly using OllyDbg
- [7星][1y] [C] haidragon/newinjectdrv APC注入DLL内核层
- [6星][2y] thesph1nx/covenant Metepreter clone - DLL Injection Backdoor
- [5星][5y] [C++] ciantic/remotethreader Helps you to inject your dll in another process
- [5星][4m] [C++] reclassnet/reclass.net-memorypipeplugin A ReClass.NET plugin which allows direct memory access via dll injection.
- [1星][1y] [PS] getrektboy724/maldll A bunch of malicius dll to inject to a process
<a id="f69bdae6414fe41f7b2ff0a5ae646e0e"></a>文章
- 2020.02 [0x00sec] DLL injections (safety)
- 2019.08 [tyranidslair] Windows Code Injection: Bypassing CIG Through KnownDlls
- 2019.08 [tyranidslair] Windows Code Injection: Bypassing CIG Through KnownDlls
- 2019.03 [code610] DLL Injection - part 2
- 2018.10 [pediy] [原创]代替创建用户线程使用ShellCode注入DLL的小技巧
- 2018.10 [4hou] 如何利用DLL注入绕过Win10勒索软件保护
- 2018.10 [0x00sec] Reflective Dll Injection - Any Way to check If a process is already injected?
- 2018.09 [pediy] [原创]win10_arm64 驱动注入dll 到 arm32程序
- 2018.09 [code610] DLL Injection - part 1
- 2018.08 [freebuf] sRDI:一款通过Shellcode实现反射型DLL注入的强大工具
- 2018.08 [vkremez] Let's Learn: Dissecting Panda Banker & Modules: Webinject, Grabber & Keylogger DLL Modules
- 2018.07 [4hou] 注入系列——DLL注入
- 2018.06 [0x00sec] Reflective DLL Injection - AV detects at runtime
- 2018.06 [qq] 【游戏漏洞】注入DLL显示游戏窗口
- 2018.06 [pediy] [原创]远程注入之dll模块深度隐藏
- 2018.02 [pediy] [求助]内存dll的远程线程注入,如何使用MemoryModule开源库?
- 2017.12 [secist] Mavinject | Dll Injected
- 2017.12 [secvul] SSM终结dll注入
- 2017.10 [nsfocus] 【干货分享】Sandbox技术之DLL注入
- 2017.10 [freebuf] DLL注入新姿势:反射式DLL注入研究
- 2017.10 [pediy] [原创]通过Wannacry分析内核shellcode注入dll技术
- 2017.09 [360] 利用DLL延迟加载实现远程代码注入
- 2017.09 [360] Dll注入新姿势:SetThreadContext注入
- 2017.08 [silentbreaksecurity] sRDI – Shellcode Reflective DLL Injection
- 2017.08 [360] DLL注入那些事
- 2017.08 [freebuf] 系统安全攻防战:DLL注入技术详解
- 2017.08 [pediy] [翻译]多种DLL注入技术原理介绍
- 2017.07 [0x00sec] Reflective DLL Injection
- 2017.07 [zerosum0x0] 利用 SetThreadContext() 和 NtContinue() 实现反射 DLL 加载
- 2017.07 [zerosum0x0] Proposed Windows 10 EAF/EMET "Bypass" for Reflective DLL Injection
- 2017.05 [360] NSA武器库:DOUBLEPULSAR的内核DLL注入技术
- 2017.05 [lallouslab] 7 DLL injection techniques in Microsoft Windows
- 2017.05 [3or] mimilib DHCP Server Callout DLL injection
- 2017.05 [3or] Hunting DNS Server Level Plugin dll injection
- 2017.04 [arvanaghi] DLL Injection Using LoadLibrary in C
- 2017.04 [4hou] 通过APC实现Dll注入——绕过Sysmon监控
- 2017.04 [bogner] CVE-2017-3511: Code Injection through DLL Sideloading in 64bit Oracle Java
- 2017.04 [countercept] Analyzing the DOUBLEPULSAR Kernel DLL Injection Technique
- 2017.04 [countercept] NSA武器库:DOUBLEPULSAR的内核DLL注入技术
- 2017.04 [3gstudent] 通过APC实现Dll注入——绕过Sysmon监控
- 2017.04 [pentestlab] DLL Injection
- 2017.03 [pediy] [原创]不用导出任何函数的DLL劫持注入,完美!
- 2016.06 [lowleveldesign] !injectdll – a remote thread approach
- 2016.06 [lowleveldesign] !injectdll – a WinDbg extension for DLL injection
- 2016.04 [ketansingh] Hacking games with DLL Injection
- 2016.02 [freebuf] 通过 DLL 注入和代码修改绕过 XIGNCODE3 的反作弊保护
- 2016.01 [freebuf] DLL注入的几种姿势(二):CreateRemoteThread And More
- 2016.01 [freebuf] DLL注入的几种姿势(一):Windows Hooks
- 2015.11 [modexp] DLL/PIC Injection on Windows from Wow64 process
- 2015.09 [pediy] [原创]c++ 载入内存中dll ,以及内存注入 (已开源)
- 2015.08 [rapid7] Using Reflective DLL Injection to exploit IE Elevation Policies
- 2015.07 [pediy] [原创]今天写了个apc注入dll代码,可以当工具使用
- 2015.05 [codereversing] Debugging Injected DLLs
- 2015.05 [WarrantyVoider] DAI dll injection test - successfull
- 2015.04 [securestate] DLL Injection Part 2: CreateRemoteThread and More
- 2015.03 [securestate] DLL Injection Part 1: SetWindowsHookEx
- 2015.03 [securestate] DLL Injection Part 0: Understanding DLL Usage
- 2014.10 [codingvision] C# Inject a Dll into a Process (w/ CreateRemoteThread)
- 2014.04 [pediy] [分享]重读老文章:DLL注入的又一个梗
- 2014.04 [pediy] [分享]老文章系列:APC注入DLL的梗
- 2014.03 [trustwave] Old School Code Injection in an ATM .dll
- 2014.01 [osandamalith] Ophcrack Path Subversion Arbitrary DLL Injection Code Execution
- 2013.12 [pediy] [原创]DLL自卸载无模块注入源码(一)
- 2013.09 [debasish] Inline API Hooking using DLL Injection
- 2013.09 [freebuf] 对国内各种安全卫士产品的一种通用虐杀、DLL注入、本地代码执行的方法
- 2013.08 [pediy] [原创]重温远程注入-------无dll
- 2013.06 [msreverseengineering] What is DLL Injection and How is it used for Reverse Engineering?
- 2013.05 [pediy] [原创]关于dll注入方法
- 2013.03 [pediy] [原创]DLL注入之远线程方式
- 2013.02 [pediy] [原创]易语言静态编译的DLL注入到其他语言写的EXE中后的完美卸载
- 2012.10 [octopuslabs] DLL Injection – A Splash Bitmap
- 2012.09 [debasish] KeyLogging through DLL Injection[The Simplest Way]
- 2012.09 [volatility] MoVP 2.1 Atoms (The New Mutex), Classes and DLL Injection
- 2012.06 [freebuf] [更新]一款非常不错的dll注入器 – RemoteDLL V2
- 2012.05 [brindi] DLL and Code Injection in Python
- 2011.11 [pediy] [原创]滴水逆向学习收获1-双进程无dll注入(1楼,17楼,21楼,27楼,30楼,33楼)[已更新至33楼]
- 2011.06 [pediy] [原创]利用钩子函数来注入DLL的一个具体应用:点击桌面不同图标,播放相应音符
- 2011.01 [pediy] [原创]进程管理dll注入综合小工具[附源码]
- 2010.12 [pediy] [原创]Ring3下劫持CreateProcess注入dll
- 2010.01 [pediy] [原创]dll注入辅助工具[带源码]
- 2009.08 [pediy] [原创]最简单的DLL注入
- 2009.07 [pediy] [原创]注入DLL之ANSI版--改自Jeffrey的《windows核心编程》
- 2009.04 [pediy] 不需要依赖dllmain触发的CE注入代码
- 2008.12 [pediy] [原创][代程]远程线程详解(一):无DLL远程线程注入
- 2008.11 [sans] Finding stealth injected DLLs
- 2008.11 [pediy] [原创]N种内核注入DLL的思路及实现
- 2008.10 [pediy] [原创]IAT HOOK 代码注入非DLL
- 2008.03 [pediy] [献丑]Win32汇编实现DLL的远程注入及卸载
- 2007.12 [pediy] [原创]QueueUserApc实现DLL注入
- 2006.11 [pediy] 再谈Dll注入NetTransport 2.25.337[原创]
- 2006.10 [pediy] [原创]Dll注入NetTransport 2.25.337
- 2005.08 [pediy] ApiHook,InjectDll 单元及其应用 [Delphi代码]
<a id="97ceb80739f1d2efce08baaf98dce0fc"></a>进程注入
<a id="5ed3d284b106ffdc141f447f59326b00"></a>工具
- [2389星][10d] [Py] lmacken/pyrasite 向运行中的 Python进程注入代码
- [1568星][17d] [Py] google/pyringe Python调试器,可附加Python进程并向其中注入代码
- [1486星][3m] [C] rikkaapps/riru 通过替换libmemtrack注入合子进程
- [899星][1y] [C++] secrary/injectproc 多种DLL注入、进程替换、Hook注入、APC注入的实现
- [655星][4y] [C] rentzsch/mach_inject Mac OS X的进程间代码注入
- [589星][14d] [C] gaffe23/linux-inject Tool for injecting a shared object into a Linux process
- [536星][13d] [C] odzhan/injection Windows process injection methods
- [435星][11d] [Py] davidbuchanan314/dlinject Inject a shared library (i.e. arbitrary code) into a live linux process, without ptrace
- [413星][4y] [C#] zenlulz/memorysharp Windows程序内存编辑库,C#编写,可向远程进程注入输入和代码,或读取远程进程内存
- [381星][14d] [C++] evilsocket/arminject An application to dynamically inject a shared object into a running process on ARM architectures.
- [376星][12d] [C++] theevilbit/injection various process injection technique
- [363星][4m] [C++] safebreach-labs/pinjectra 一个实现进程注入技术的类C/ c++类操作系统库(主要关注Windows 10 64位)
- [362星][4m] [C#] rasta-mouse/tikitorch Process Injection
- [294星][26d] [C] quarkslab/quarkspwdump Dump various types of Windows credentials without injecting in any process.
- [267星][2y] [C++] chadski/sharpneedle Inject C# code into a running process
- [246星][16d] [C] suvllian/process-inject 在Windows环境下的进程注入方法:远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入
- [204星][4y] [C] dismantl/linux-injector Utility for injecting executable code into a running process on x86/x64 Linux
- [163星][1m] [C] dhavalkapil/libdheap 可以透明地注入到不同进程的共享(动态)库,以检测glibc堆中的内存损坏
- [157星][9m] [C] hasherezade/process_doppelganging 进程注入技术 Process Doppelganging 的实现代码
- [154星][1m] [C] ixty/mandibule 向远程进程注入ELF文件
- [144星][4m] [PS] empireproject/psinject Inject PowerShell into any process
- [142星][4m] [C#] 3xpl01tc0d3r/processinjection This program is designed to demonstrate various process injection techniques
- [142星][4m] [C] antoniococo/mapping-injection Just another Windows Process Injection
- [126星][8d] [C++] ez8-co/yapi fusion injector that reduce differences between x64, wow64 and x86 processes
- [111星][5m] [C++] arno0x/tcprelayinjecter Tool for injecting a "TCP Relay" managed assembly into unmanaged processes
- [110星][16d] [Shell] aoncyberlabs/cexigua Linux based inter-process code injection without ptrace(2)
- [85星][1m] [C] elfmaster/saruman ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
- [76星][5y] [C++] malwaretech/zombifyprocess Inject code into a legitimate process
- [62星][8m] [C] kubo/injector Library for injecting a shared library into a Linux or Windows process
- [59星][4y] [C] infosecguerrilla/reflectivesoinjection 一种库注入技术,其中使用反射编程的概念将库从内存加载到主机进程中
- [53星][1m] [Py] xiphosresearch/steelcon-python-injection Python Process Injection PoC Code from my SteelCon talk in 2014
- [52星][6y] [C++] georgenicolaou/heaveninjector Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process
- [47星][7m] [PS] 3gstudent/code-execution-and-process-injection Powershell to CodeExecution and ProcessInjection
- [46星][5y] [C++] tandasat/remotewritemonitor A tool to help malware analysts tell that the sample is injecting code into other process.
- [37星][4m] [C] egguncle/ptraceinject 进程注入
- [31星][25d] [ObjC] cwbudde/cordova-plugin-wkwebview-inject-cookie Injects a cookie in order to start the sync processs with wkWebView
- [30星][2y] [C++] ntraiseharderror/unrunpe PoC for detecting and dumping process hollowing code injection
- [30星][4m] [C#] mr-un1k0d3r/remoteprocessinjection C# remote process injection utility for Cobalt Strike
- [16星][2y] [C++] xfgryujk/injectexe Inject the whole exe into another process
- [16星][1m] [C] narhen/procjack PoC of injecting code into a running Linux process
- [14星][24d] [C++] eternityx/zinjector zInjector is a simple tool for injecting dynamic link libraries into arbitrary processes
- [10星][2m] [JS] lmangani/node_ssl_logger Decrypt and log process SSL traffic via Frida Injection
- [10星][1y] [C++] shaxzy/vibranceinjector Mono process injector
- [8星][5y] [C++] hkhk366/memory_codes_injection 将代码注入到另一个进程中,以监视和操作其他进程。这通常被用作杀毒软件
- [6星][2m] [ObjC] couleeapps/mach_inject_32 Inject libraries into 32 processes on macOS Mojave
- [6星][3m] [Jupyter Notebook] jsecurity101/detecting-process-injection-techniques This is a repository that is meant to hold detections for various process injection techniques.
- [1星][2y] [C++] malwaresec/processinjection Repo for process injection source files
- [None星][C] realoriginal/ppdump-public 使用Zemana AntiMalware引擎打开一个特权句柄到一个PP/PPL进程并注入MiniDumpWriteDump()
<a id="78df9ff3771ac1e9d9dff3eba0055d25"></a>文章
- 2020.04 [infosecinstitute] MITRE ATT&CK spotlight: Process injection
- 2020.03 [jsecurity101] Engineering Process Injection Detections -
- 2020.02 [vkremez] Let's Learn: Inside Parallax RAT Malware: Process Hollowing Injection & Process Doppelgänging API Mix: Part I
- 2020.01 [BlackHat] Process Injection Techniques - Gotta Catch Them All
- 2020.01 [hakin9] Mapping-Injection: Just another Windows Process Injection
- 2019.12 [HackersOnBoard] DEF CON 27 - Itzik Kotler - Process Injection Techniques Gotta Catch Them All
- 2019.11 [freebuf] ATT&CK中的进程注入三部曲
- 2019.11 [4hou] 实现Windows进程注入的7种新方法
- 2019.10 [Cooper] Fileless Malware Infection And Linux Process Injection In Linux OS - Hendrik Adrian
- 2019.09 [freebuf] 在遇到shellcode注入进程时所使用的调试技
- 2019.09 [aliyun] 细说Cobalt Strike进程注入
- 2019.09 [aliyun] 进程注入概述(一)
- 2019.09 [sevagas] Process PE Injection Basics
- 2019.08 [4hou] 远程进程shellcode注入调试技巧
- 2019.08 [cobaltstrike] Cobalt Strike’s Process Injection: The Details
- 2019.07 [fortinet] A Deep Dive Into IcedID Malware: Part I - Unpacking, Hooking and Process Injection
- 2019.05 [4hou] 借助ProcessHollowing和代码注入感染合法进程:信息窃取恶意软件FormBook分析
- 2019.04 [OALabs] Reverse Engineering Quick Tip - Unpacking Process Injection With a Single Breakpoint
- 2018.12 [4hou] 如何借助COM对Windows受保护进程进行代码注入(第二部分)
- 2018.11 [googleprojectzero] 利用COM向Windows受保护进程注入代码, Part2
- 2018.11 [andreafortuna] Process Injection and Persistence using Application Shimming
- 2018.11 [4hou] 如何借助COM对Windows受保护进程进行代码注入
- 2018.10 [freebuf] 十种进程注入技术介绍:常见注入技术及趋势调查
- 2018.10 [360] 如何将.NET程序注入到非托管进程
- 2018.10 [aliyun] 使用COM将代码注入到受Windows保护的进程中
- 2018.10 [aliyun] 【老文】如何将.Net程序集注入非托管进程
- 2018.10 [googleprojectzero] Injecting Code into Windows Protected Processes using COM - Part 1
- 2018.10 [4hou] 如何针对Windows中ConsoleWindowClass对象实现进程注入
- 2018.09 [aliyun] windows 进程注入之控制台窗口类
- 2018.08 [4hou] Windows进程注入:额外的窗口字节
- 2018.08 [aliyun] Windows进程注入技术之额外的Window字节篇
- 2018.08 [aliyun] Windows进程注入技术之PROPagate篇
- 2018.07 [malcomvetter] .NET Process Injection
- 2018.07 [4hou] 攻击者如何向正在运行的Linux进程注入恶意代码
- 2018.07 [4hou] Windows进程注入:如何将有效负载部署到目标进程的内存空间中执行
- 2018.07 [360] Windows进程注入payload分析
- 2018.05 [freebuf] 利用“进程注入”实现无文件复活 WebShell
- 2018.05 [4hou] CTRL-INJECT进程注入技术详解
- 2018.05 [360] 针对新型进程注入技术Ctrl-Inject的原理分析
- 2018.04 [360] 深入分析Get-InjectedThread进程注入检测工具的原理并尝试绕过
- 2018.04 [360] 深入分析恶意软件Formbook:混淆和进程注入(下)
- 2018.04 [360] 深入分析恶意软件Formbook:混淆和进程注入(上)
- 2018.03 [aliyun] 利用GDB实现进程注入
- 2018.02 [endgame] Stopping Olympic Destroyer: New Process Injection Insights
- 2018.01 [4hou] 恶意软件Ursnif的隐蔽进程注入技术分析
- 2018.01 [vkremez] Let's Learn: Dissect Panda Banking Malware's "libinject" Process Injection Module
- 2017.12 [4hou] Ursnif恶意软件变种技术新升级,利用TLS回调技术进程注入
- 2017.11 [fireeye] Ursnif 变种使用 TLS 回调技巧实现进程注入
- 2017.11 [freebuf] 使用恶意软件将隐藏代码注入已知进程的渗透研究
- 2017.11 [OALabs] Unpacking Process Injection Malware With IDA PRO (Part 2)
- 2017.11 [OALabs] Unpacking Process Injection Malware With IDA PRO (Part 1)
- 2017.10 [securityintelligence] Diving Into Zberp’s Unconventional Process Injection Technique
- 2017.09 [4hou] 无需Ptrace就能实现Linux进程间代码注入
- 2017.09 [gdssecurity] Linux 进程内代码注入(无需Ptrace)
- 2017.08 [pediy] [翻译]十种注入技巧:具有通用性的进程注入技巧研究
- 2017.07 [4hou] 十种流行进程注入技术详细分析
- 2017.07 [360] 10种常见的进程注入技术的总结
- 2017.07 [endgame] 10种进程注入技术:普通和流行的进程注入技术调查
- 2017.07 [vulnerablelife] Ten Process Injection Techniques: A Technical Survey Of Common And Trending Process Injection Techniques
- 2017.07 [microsoft] Detecting stealthier cross-process injection techniques with Windows Defender ATP: Process hollowing and atom bombing
- 2017.07 [struppigel] Process Injection Info Graphic
- 2017.07 [freebuf] pyrasite – 向python进程注入代码工具
- 2017.05 [MalwareAnalysisForHedgehogs] Malware Analysis - Code Injection via CreateRemoteThread & WriteProcessMemory
- 2017.04 [4hou] 在Linux下使用ptrace向sshd进程注入任意代码
- 2017.03 [360] DoubleAgent:代码注入和持久化技术--允许在任何Windows版本上控制任何进程
- 2017.03 [] DoubleAgent技术:任意进程下代码注入与权限维持
- 2017.03 [microsoft] Uncovering cross-process injection with Windows Defender ATP
- 2017.02 [4hou] 32位程序对64位进程的远程注入实现
- 2016.02 [360] linux-inject:注入代码到运行的Linux进程中
- 2015.08 [pediy] [原创]win7 32位进程注入64位进程
- 2015.08 [christophertruncer] Injecting Shellcode into a Remote Process with Python
- 2015.08 [pediy] [原创]纯C++编写Win32/X64通用Shellcode注入csrss进程.
- 2015.08 [securestate] Injecting Python Code Into Native Processes
- 2015.08 [securestate] Injecting Python Code Into Native Processes
- 2015.05 [redcanary] What Red Canary Detects: Spotlight on Process Injection
- 2015.04 [pediy] [原创]一个Win7X64内核注入32位进程的例子
- 2014.07 [pediy] [原创]C++进程注入(通过远程线程注入进程)
- 2014.06 [lastline] Dissecting Payload Injection Using LLama Process Snapshots
- 2014.05 [talosintelligence] Betabot Process Injection
- 2014.03 [pediy] [原创]注入安卓进程,并hook java世界的方法
- 2013.05 [lhj0711010212] 使用injectso技术注入mtrace,对进程进行内存检测
- 2013.04 [pediy] [原创]另类注入 傀儡进程测试
- 2013.03 [pediy] [原创]<<游戏外挂攻防艺术>>注入2.3节依赖可信进程注入
- 2013.01 [pediy] [原创]多种注入进程
- 2012.04 [dreamofareverseengineer] Identifying malicious injected code in Legit Process through dynamic analysis:
- 2011.07 [firebitsbr] Syringe utility provides ability to inject shellcode into processes
- 2010.10 [pediy] [原创]劫持正在运行进程的EIP注入代码的方法
- 2010.08 [pediy] [原创]创建远程线程,将代码注入到其它进程中执行
- 2010.08 [console] Bypassing AntiVirus With Process Injection
- 2007.12 [pediy] [原创]进程注入——一个同时支持Win98, WinMe, Win2000, WinXp 的方法(源代码加详细注释)
- 2007.04 [pediy] [原创]三线程..进程保护@远线程直接代码注入 for Delphi
- 2004.06 [pediy] 用进程注入来实现一个壳
<a id="3b2252d379d384475de4654bd5d0b368"></a>线程注入
<a id="9ff33dd10584407a654590a7cf18c6f0"></a>工具
- [49星][2y] [C] vallejocc/poc-inject-data-wm_copydata A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext
<a id="a7433a31e0f33f936d15d6ad61437bc6"></a>文章
- 2020.03 [trustedsec] Avoiding Get-InjectedThread for Internal Thread Creation
- 2018.12 [pediy] [原创]远程线程注入计算器
- 2018.04 [xpnsec] PowerShell脚本Get-InjectedThread可枚举进程, 并判定进程是否被注入. 文章解释脚本监测原理, 以及绕过此种监测的方式
- 2018.03 [pediy] [原创]驱动注入用户线程之跨session通知csrss之真正解决
- 2017.10 [pediy] [原创]ReflectiveLoader(远程线程的注入 PE的修正)
- 2017.05 [4hou] 免杀新姿势:利用线程将恶意代码注入到内存中
- 2014.06 [dreamofareverseengineer] Monitoring Thread Injection
- 2009.10 [pediy] [原创]老生常谈-远程线程注入
- 2006.02 [pediy] [原创]ShellCode的另外一种玩法(远程线程注入ShellCode)
<a id="02a1807b6a7131af27e3ed1002e7335a"></a>代码注入
<a id="303ed79296c5af9c74cfd49dd31a399e"></a>工具
- [6260星][10d] [ObjC] johnno1962/injectionforxcode Runtime Code Injection for Objective-C & Swift
- [2386星][2y] [Py] danmcinerney/lans.py 注入代码并监视wifi用户
- [1685星][11d] [Py] epinna/tplmap 代码注入和服务器端模板注入(Server-Side Template Injection)漏洞利用,若干沙箱逃逸技巧。
- [1470星][4m] [Swift] johnno1962/injectioniii 在(大部分)Swift4中重写Xcode的注入
- [1112星][14d] [ObjC] dyci/dyci-main Dynamic Code Injection Tool for Objective-C
- [983星][3y] [C] cybellum/doubleagent Zero-Day Code Injection and Persistence Technique
- [614星][16d] [C++] breakingmalwareresearch/atom-bombing Brand New Code Injection for Windows
- [265星][5y] [C++] breakingmalware/powerloaderex Advanced Code Injection Technique for x32 / x64
- [249星][8y] rentzsch/mach_star code injection and function overriding for Mac OS X
- [228星][12d] [C++] marcosd4h/memhunter Live hunting of code injection techniques
- [214星][17d] [C] peperunas/injectopi 一堆Windows 代码注入教程
- [186星][7m] [ObjC] nakiostudio/twitterx Keeping Twitter for macOS alive with code injection
- [170星][2y] [Py] undeadsec/debinject Inject malicious code into *.debs
- [116星][22d] [C#] p0cl4bs/hanzoinjection injecting arbitrary codes in memory to bypass common antivirus solutions
- [91星][2m] [Py] hackatnow/cromos 一个工具,下载合法的扩展Chrome网络商店和注入代码的应用程序的背景
- [90星][4y] [Java] zerothoughts/spring-jndi Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
- [66星][2y] [Java] sola-da/synode Automatically Preventing Code Injection Attacks on Node.js
- [65星][3y] [Py] sethsec/pycodeinjection Automated Python Code Injection Tool
- [65星][3m] [Py] tbarabosch/quincy 在内存转储中检测基于主机的代码注入攻击
- [49星][2m] [C#] guibacellar/dnci DNCI - Dot Net Code Injector
- [48星][3y] [C++] tonyzesto/pubgprivxcode85 简单chams wallhack为玩家未知的战场使用D3D11DrawIndexed钩子功能列表
- [47星][1y] [C] yifanlu/3ds_injector Open source implementation of loader module with code injection support
- [46星][7m] [C] rodionovd/task_vaccine Yet another code injection library for OS X
- [37星][2m] [C] sduverger/ld-shatner ld-linux code injector
- [34星][2y] [C++] ntraiseharderror/dreadnought PoC for detecting and dumping code injection (built and extended on UnRunPE)
- [27星][4y] [Java] zerothoughts/jndipoc Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls
- [27星][6m] [Java] dinject/dinject Dependency injection via APT (source code generation) ala "Server side Dagger DI"
- [25星][7m] [Py] batteryshark/miasma Cross-Platform Binary OTF Patcher, Code Injector, Hacking Utility
- [25星][3y] [C++] hatriot/delayloadinject Code injection via delay load libraries
- [20星][2y] [c] odzhan/propagate PROPagate code injection technique example
- [19星][3y] [Swift] depoon/injectiblelocationspoofing Location Spoofing codes for iOS Apps via Code Injection
- [18星][6y] [ObjC] mhenr18/injector Code injection + payload communications for OSX (incl. sandboxed apps)
- [17星][2m] [C++] sunsided/native-dotnet-code-injection Injection of managed code into non-managed Windows applications
- [14星][2m] [C#] gerich-home/lua-inject Inject any C# code into programs with lua
- [13星][3y] [C] tbarabosch/1001-injects Tiny research project to understand code injections on Linux based systems
- [13星][3m] [C++] revsic/codeinjection Code Injection technique written in cpp language
- [11星][2y] [C] gdbinit/calcspace Small util to calculate available free space in mach-o binaries for code injection
- [11星][7y] [C#] yifanlu/vitainjector Inject userland ARM code through PSM
- [9星][19d] [Py] bao7uo/waf-cookie-fetcher 一个用Python编写的Burp套件扩展,它使用一个无头浏览器来获取注入晶圆的cookie的值,这些cookie是通过客户端JavaScript代码在浏览器中计算出来的,并将它们添加到Burp的cookie jar中
- [9星][6m] [Py] mpgn/cve-2018-16341 CVE-2018-16341 - Nuxeo Remote Code Execution without authentication using Server Side Template Injection
- [7星][2y] [PHP] jpapayan/aspis A PHP code transformer to provide protection against injection attacks
- [6星][2y] [Py] andreafortuna/pycodeinjector Python code injection library
- [4星][1y] [Java] righettod/injection-cheat-sheets Provide some tips to handle Injection into application code (OWASP TOP 10 - A1).
- [2星][2y] [Standard ML] 11digits/php-clean-malware Simple PHP code to assist in cleaning of injected malware PHP code
- [2星][9m] [C++] thepwnrip/code-injection A collection of methods of Code Injection on Windows
- [1星][1y] [C++] smore007/remote-iat-hook Remote IAT hook example. Useful for code injection
- [None星][Py] thelinuxchoice/eviloffice Inject Macro and DDE code into Excel and Word documents (reverse shell)
<a id="5e603e03f62d50e6fa8310e15470f233"></a>文章
- 2020.05 [hexacorn] New Code Injection/Execution – Marsh…mellow
- 2020.04 [hexacorn] Code Injection everyone forgets about
- 2020.03 [WHIDInjector] Remotely Injecting Keystrokes through an Industrial Barcode
- 2020.01 [hakin9] Memhunter - Live Hunting Of Code Injection Techniques
- 2020.01 [WarrantyVoider] RE with WV - Episode #7 Binary Editing and Code Injection
- 2019.12 [HackersOnBoard] DEF CON 27 - Alon Weinberg - Please Inject Me a x64 Code Injection
- 2019.12 [sevagas] Code Injection - Exploit WNF callback
- 2019.12 [sevagas] Code Injection - Disable Dynamic Code Mitigation (ACG)
- 2019.11 [ojasookert] Macy’s, Magecart, Black Friday, and JavaScript Code Injection
- 2019.10 [talosintelligence] YouPHPTube Encoder base64Url multiple command injections
- 2019.09 [netsparker] What is Code Injection and How to Avoid It
- 2019.09 [aliyun] 初探代码注入
- 2019.08 [bugbountywriteup] When i found php code injection
- 2019.07 [bromium] Dridex’s Bag of Tricks: An Analysis of its Masquerading and Code Injection Techniques
- 2019.07 [aliyun] Discuz!ML V3.X 代码注入分析
- 2019.06 [pewpewthespells] Blocking Code Injection on iOS and OS X
- 2019.05 [hexacorn] ‘Plata o plomo’ code injections/execution tricks
- 2019.05 [HackerSploit] Bug Bounty Hunting - PHP Code Injection
- 2019.04 [hexacorn] SHLoadInProc – The Non-Working Code Injection trick from the past
- 2019.04 [hexacorn] Listplanting – yet another code injection trick
- 2019.04 [hexacorn] 3 new code injection tricks
- 2019.04 [hexacorn] Treepoline – new code injection technique
- 2019.04 [hexacorn] WordWarper – new code injection trick
- 2019.04 [JosephDelgadillo] Learn System Hacking E6: PHP Code Injection
- 2019.03 [freebuf] Java代码审计之SpEL表达式注入
- 2019.03 [aditya12anand] How to write secure code against injection attacks?
- 2019.03 [andreafortuna] A simple Windows code Injection example written in C#
- 2018.12 [360] Linux Userland内存代码注入实践
- 2018.12 [aliyun] HubL中的EL注入导致远程代码执行
- 2018.11 [aliyun] [红日安全]代码审计Day17 - Raw MD5 Hash引发的注入
- 2018.11 [freebuf] clrinject:向CLR Runtimes和AppDomain中注入代码的工具
- 2018.10 [MSbluehat] BlueHat v18 || Memory resident implants - code injection is alive and well
- 2018.09 [ironcastle] More Excel DDE Code Injection, (Fri, Sep 28th)
- 2018.09 [sans] More Excel DDE Code Injection
- 2018.09 [bugbountywriteup] Injecting tourism website running codeigniter
- 2018.08 [andreafortuna] pycodeinjector: a simple python Code Injection library
- 2018.08 [trustedsec] Breaking Down the PROPagate Code Injection Attack
- 2018.08 [andreafortuna] Code injection on Windows using Python: a simple example
- 2018.07 [4hou] Firefox里的未知扩展正在将不需要的代码注入用户访问过的网站
- 2018.07 [aliyun] 服务器端电子表格注入 - 从公式注入到远程代码执行
- 2018.06 [bishopfox] 服务器端Spreadsheet注入: 利用公式注入实现RCE
- 2018.05 [freebuf] 黑客公布Signal通讯软件中的代码注入攻击
- 2018.04 [freebuf] PentesterLab新手教程(一):代码注入
- 2018.04 [4hou] Early Bird代码注入可绕过杀毒软件检测
- 2018.04 [freebuf] $_SERVER[SCRIPT_NAME]变量可值注入恶意代码
- 2018.02 [360] 从概念到实际应用:详细讲解用户级API监控和代码注入检测方法
- 2018.01 [aliyun] 某电商前台代码注入
- 2018.01 [doyler] Nodejs Code Injection (EverSec CTF – BSides Raleigh 2017)
- 2018.01 [4hou] 星巴克挖矿事件分析:黑客是如何黑掉WiFi并将挖矿代码注入到HTML页面的?
- 2018.01 [4hou] PoS端恶意软件LockPoS携新型代码注入技术强势回归
- 2018.01 [oherrala] Using static typing to protect against code injection attacks
- 2017.12 [4hou] 代码注入技术Process Doppelgänging利用介绍
- 2017.12 [4hou] 新型代码注入攻击(Process Doppelgänging):可绕过大多数AV检测
- 2017.11 [4hou] Wi-Fi网络中,翻转照片,注入恶意代码到客户端
- 2017.11 [freebuf] PROPagate:一种新的代码注入技巧介绍
- 2017.11 [l0wb1tUC] COD WWII Code Injection Fail
- 2017.11 [hexacorn] PROPagate – a new code injection trick – 64-bit and 32-bit
- 2017.10 [4hou] PROPagate——一种新的代码注入技巧
- 2017.10 [hexacorn] 新的代码注入技巧 PROPagate
- 2017.09 [decktonic] How one hacker stole thousands of dollars worth of cryptocurrency with a classic code injection…
- 2017.09 [freebuf] LANs.py:一款可以实现代码注入,无线渗透和WiFi用户监控的强大工具
- 2017.09 [arxiv] [1709.05690] BabelView: Evaluating the Impact of Code Injection Attacks in Mobile Webviews
- 2017.08 [defencely] Achieving Code Injection on Trendy – Sarahah.com
- 2017.07 [bogner] Code Injection in Slack’s Windows Desktop Client leads to Privilege Escalation
- 2017.06 [trendmicro] 勒索软件 SOREBRECT 分析。采用了“无文件”、利用 PsExec 注入代码等技术
- 2017.04 [welivesecurity] Fake Chrome extensions inject code into web pages
- 2017.04 [n0where] Inject Custom Code Into PE File: InfectPE
- 2017.03 [mstajbakhsh] Smali Code Injection: Playing with 2048!
- 2017.03 [HackingMonks] Remote Code Injection on DVWA medium
- 2017.03 [360] AtomBombing:Windows的全新代码注入技术
- 2017.02 [360] 如何在.ipa文件上进行iOS代码注入
- 2017.01 [securiteam] SSD Advisory – Icewarp, AfterLogic and MailEnable Code Injection
- 2017.01 [sentinelone] What Is Code Injection?
- 2017.01 [csyssec] 二进制代码注入PIN
- 2016.12 [mstajbakhsh] Smali Code Injection
- 2016.12 [tevora] Gaining Code Execution with Injection on Java args
- 2016.11 [doyler] Exploiting Python Code Injection in Web Applications
- 2016.11 [kennethpoon] How to perform iOS Code Injection on .ipa files
- 2016.11 [thembits] Loffice gets a makeover - Gives an insight into antis and detect code injection
- 2016.11 [360] 利用Python代码实现Web应用的注入
- 2016.11 [sethsec] Exploiting Python Code Injection in Web Applications
- 2016.10 [360] AtomBombing:全新的Windows代码注入技术
- 2016.10 [ensilo] AtomBombing: A Code Injection that Bypasses Current Security Solutions
- 2016.10 [venus] 代码审计就该这么来 - 2 Mlecms 注入
- 2016.10 [insinuator] Linq Injection – From Attacking Filters to Code Execution
- 2016.10 [polaris] PHP Code Injection Analysis
- 2016.10 [JackkTutorials] How to perform Remote Code Injection attacks REUPLOADED
- 2016.09 [forcepoint] Highly Evasive Code Injection Awaits User Interaction Before Delivering Malware
- 2016.08 [artsploit] [demo.paypal.com] Node.js code injection (RCE)
- 2016.07 [suchakra] Unravelling Code Injection in Binaries
- 2016.03 [yifan] 3DS Code Injection through "Loader"
- 2015.12 [hexacorn] IME code injection (old)
- 2015.08 [securiteam] SSD Advisory – Symantec NetBackup OpsCenter Server Java Code Injection RCE
- 2015.04 [sensecy] MitM Attacks Pick Up Speed – A Russian Coder Launches a New Web Injection Coding Service
- 2015.03 [pediy] [原创]代码注入器源码献上
- 2014.12 [] 逐浪CMS2个文件两个注入5处问题代码 另附其他注入绕过方式
- 2014.11 [] 代码审计:大米CMS注入
- 2014.10 [arxiv] [1410.7756] Code Injection Attacks on HTML5-based Mobile Apps
- 2014.09 [tribalchicken] Bash bug allows code injection attack
- 2014.09 [digitaloperatives] OS X VMWare Fusion Privilege Escalation via Bash Environment Code Injection: Local Use
- 2014.09 [tribalchicken] Bash bug allows code injection attack
- 2014.08 [] HTML5 App的代码注入攻击
- 2014.03 [pediy] [原创]对笔记本 Inject code 实验
- 2014.01 [] U-Mail注入之任意代码写入exp
- 2013.12 [lowleveldesign] Injecting code into .NET applications
- 2013.11 [imperva] Threat Advisory: A JBoss AS Exploit, Web Shell code Injection.
- 2013.08 [scotthelme] Code Injection - TLS (SSL) is not all about privacy, it's about integrity too
- 2013.08 [sans] BBCode tag "[php]" used to inject php code
- 2013.05 [hackingarticles] Exploit Remote PC using Firefox 17.0.1 + Flash Privileged Code Injection
- 2013.04 [freebuf] [php 代码审计]Espcms 暴力注入
- 2013.03 [pediy] [原创]手机毒霸去广告功能分析三:java代码(dex)注入
- 2012.12 [hackingarticles] Bypassing Antivirus using Multi Pyinjector Shell Code Injection in SET Toolkit
- 2012.12 [freebuf] 向正在运行的Linux应用程序注入代码
- 2012.11 [debasish] Suicide via Remote Code Injection
- 2012.10 [volatility] Reverse Engineering Poison Ivy's Injected Code Fragments
- 2012.08 [cert] More human than human – Flame’s code injection techniques
- 2012.07 [welivesecurity] Rovnix.D: the code injection story
- 2012.06 [welivesecurity] ZeroAccess: code injection chronicles
- 2012.06 [freebuf] [方法分享]利用输入框进行恶意代码注入
- 2012.06 [hackingarticles] How to Attack on Remote PC using HTTP Code Injection Technique
- 2012.04 [pediy] [原创]今天突然想注入,写了点代码
- 2012.02 [trustwave] [Honeypot Alert] phpMyAdmin Code Injection Attacks for Botnet Recruitment
- 2011.12 [pediy] [原创]自己写的一个为可执行文件注入代码的API,使用超级方便
- 2011.07 [pediy] [原创]借腹怀胎的注入代码个人理解
- 2011.06 [forcepoint] Malware campaign uses direct injection of Java exploit code
- 2010.05 [pediy] [翻译]注入你的代码到可执行文件
- 2009.03 [pediy] [原创]如何向WM程序注入代码[1]总纲
- 2009.01 [arxiv] [0901.3482] Code injection attacks on harvard-architecture devices
- 2008.11 [travisgoodspeed] MicaZ Code Injection
- 2008.09 [secshoggoth] SEO Code Injection
- 2008.07 [reverse] Mac OS X Code injection
- 2007.09 [travisgoodspeed] Memory-Constrained Code Injection
- 2007.02 [sans] more code injection sites 8.js
- 2006.12 [pediy] [翻译]注入 动态生成及混淆的恶意代码的检测
- 2006.08 [pediy] [翻译]向导入表中注入代码
- 2006.04 [pediy] 翻译:向PE中注入代码(4.17修改)
- 2005.07 [pediy] Code Injection破解Armadillo V4.20单进程加壳程序――FTPRush Unicode V1.0.RC6.build.568
- 2005.06 [pediy] Hying's Armor v0.7x Code Injection
- 2005.05 [pediy] EnCryptPE v2 Code injection
- 2005.05 [pediy] ARM3.7x-4.1CopyMEMII Code injection
- 2005.04 [pediy] OBSIDIUM 1.25 Code Injection
- 2005.04 [pediy] Armadillo 3.7X-4.X Code Injection
- 2004.09 [pediy] [翻译]利用代码注入脱壳
<a id="a5458e6ee001b754816237b9a2108569"></a>Shellcode注入
<a id="28e1b534eae8d37d8fc1d212f0db0263"></a>工具
- [2209星][4m] [Py] trustedsec/unicorn 通过PowerShell降级攻击, 直接将Shellcode注入到内存
- [476星][21d] [Py] trustedsec/meterssh 将Shellcode注入内存,然后通过SSH隧道传输(端口任选,并伪装成普通SSH连接)
- [225星][4m] [PS] outflanknl/excel4-dcom PowerShell和Cobalt Strike脚本,通过DCOM执行Excel4.0/XLM宏实现横向渗透(直接向Excel.exe注入Shellcode)
- [112星][2m] [C++] josh0xa/threadboat 使用线程执行劫持将本机shellcode注入到标准的Win32应用程序中
- [77星][4m] [C] dimopouloselias/simpleshellcodeinjector 接收十六进制的shellcode作为参数并执行它
- [66星][2m] [Py] sensepost/anapickle 用Python的Pickle语言编写shellcode和操作Pickle注入shellcode的工具集。
- [43星][1m] [Py] borjamerino/tlsinjector Python script to inject and run shellcodes through TLS callbacks
- [27星][2y] [Py] taroballzchen/shecodject shecodject is a autoscript for shellcode injection by Python3 programing
- [19星][5y] [C] jorik041/cymothoa Cymothoa is a backdooring tool, that inject backdoor's shellcode directly into running applications. Stealth and lightweight...
- [16星][9m] [PLpgSQL] michaelburge/redshift-shellcode Example of injecting x64 shellcode into Amazon Redshift
- [10星][1y] [C++] egebalci/injector Simple shellcode injector.
- [4星][3y] [Shell] thepisode/linux-shellcode-generator Experiments on Linux Assembly shellcodes injection
- [None星][Go] pioneerhfy/goback GOback is a backdoor written in GO that use shellcode injection technique for achiving its task.
<a id="c6942bb5275f5b62a41238c6042b2b81"></a>文章
- 2020.03 [hakin9] Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory.
- 2019.12 [aliyun] 手工shellcode注入PE文件
- 2019.11 [4hou] 代码注入技术之Shellcode注入
- 2019.11 [ColinHardy] Excel 4.0 Macros Analysis - Cobalt Strike Shellcode Injection
- 2019.06 [360] Arm平台Ptrace注入shellcode技术
- 2018.09 [pediy] [分享]绝对牛逼哄哄的shellcode内存注入,支持64,32,远程内存注入,支持VMP壳最大强度保护
- 2018.05 [cobaltstrike] PowerShell Shellcode Injection on Win 10 (v1803)
- 2017.12 [pentesttoolz] Shecodject – Autoscript for Shellcode Injection
- 2017.12 [MalwareAnalysisForHedgehogs] Malware Analysis - ROKRAT Unpacking from Injected Shellcode
- 2017.11 [freebuf] Metasploit自动化Bypass Av脚本:Shecodject X Shellcode Injection
- 2017.01 [christophertruncer] Shellcode Generation, Manipulation, and Injection in Python 3
- 2015.12 [dhavalkapil] Shellcode Injection
- 2015.12 [n0where] Dynamic Shellcode Injection: Shellter
- 2015.10 [freebuf] Kali Shellter 5.1:动态ShellCode注入工具 绕过安全软件
- 2015.07 [BsidesLisbon] BSidesLisbon2015 - Shellter - A dynamic shellcode injector - Kyriakos Economou
- 2015.06 [freebuf] 动态Shellcode注入工具 – Shellter
- 2015.06 [shelliscoming] TLS Injector: running shellcodes through TLS callbacks
- 2014.08 [toolswatch] Shellter v1.7 A Dynamic ShellCode Injector – Released
- 2014.06 [toolswatch] [New Tool] Shellter v1.0 A Dynamic ShellCode Injector – Released
- 2013.06 [debasish] Injecting Shellcode into a Portable Executable(PE) using Python
- 2013.05 [trustedsec] Native PowerShell x86 Shellcode Injection on 64-bit Platforms
- 2013.05 [pediy] [原创]内核ShellCode注入的一种方法
- 2012.10 [hackingarticles] Cymothoa – Runtime shellcode injection Backdoors
- 2012.09 [hackingarticles] PyInjector Shellcode Injection attack on Remote PC using Social Engineering Toolkit
- 2012.08 [trustedsec] New tool PyInjector Released – Python Shellcode Injection
- 2007.01 [pediy] 《The Shellcoder's handbook》第十四章_故障注入
<a id="3584002eaa30b92479c1e1c2fc6ce4ef"></a>ELF注入
<a id="b423b830472372349203f88cf64c6814"></a>工具
- [269星][10d] [Shell] cytopia/pwncat pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
- [106星][14d] [C] comsecuris/luaqemu QEMU-based framework exposing several of QEMU-internal APIs to a LuaJIT core injected into QEMU itself. Among other things, this allows fast prototyping of target systems without any native code and minimal effort in Lua.
- [73星][10d] [C] zznop/drow Injects code into ELF executables post-build
- [45星][1m] [C] jmpews/evilelf Malicious use of ELF such as .so inject, func hook and so on.
- [26星][4m] [C++] shaxzy/nixware-csgo Source code of Nixware. Cheat doesn't inject for some reason, fix it uself or just paste from it
- [9星][3m] [C] mfaerevaag/elfinjector Code injector for ELF binaries (incl. PIE)
- [1星][2y] [JS] mshoop/web-xss-attack Exploring website security through cross-site scripting attacks, maliciously injected JavaScript and self-propagating worms
<a id="0a853f9e3f9ccb0663007d3a508ce02b"></a>文章
- 2020.02 [advancedpersistentjest] Fault Injection on Linux: Practical KERNELFAULT-Style Attacks
- 2018.08 [0x00sec] Issues with elf file injection tutorial by pico
- 2017.12 [MSbluehat] BlueHat v17 || KERNELFAULT: R00ting the Unexploitable using Hardware Fault Injection
- 2016.05 [0x00sec] ELFun File Injector
- 2016.04 [backtrace] ELF shared library injection forensics
- 2014.02 [malwarebytes] How to Unpack a Self-Injecting Citadel Trojan
- 2014.02 [evilsocket] Termination and Injection Self Defense on Windows >= Vista SP1
- 2010.03 [publicintelligence] ELF/VLF Wave-injection and Magnetospheric Probing with HAARP
<a id="108c798de24e7ce6fde0cafe99eec5b3"></a>Dylib注入
<a id="12df48702564d73c275c72133546d73e"></a>工具
- [2032星][3y] [Swift] urinx/iosapphook 专注于非越狱环境下iOS应用逆向研究,从dylib注入,应用重签名到App Hook
- [752星][5y] [ObjC] kjcracks/yololib dylib injector for mach-o binaries
- [506星][13d] [Objective-C++] bishopfox/bfinject Dylib injection for iOS 11.0 - 11.1.2 with LiberiOS and Electra jailbreaks
- [191星][3m] [Swift] codesourse/iinjection an app for OS X that can inject dylib and (re)sign apps and bundle them into ipa files that are ready to be installed on an iOS device.
- [173星][16d] [C] scen/osxinj osx dylib injection
<a id="0af1332c6476d1a8f98046542e925282"></a>文章
- 2014.05 [pediy] [原创]iOS下远程进程注入dylib源码
<a id="06fc9c584b797f97731e3c49886dcc08"></a>Android
<a id="4c02a0ba65fa4f582ec590ce1e070822"></a>工具
- [1300星][4m] [JS] megatronking/httpcanary 一个强大的捕获和注入工具的Android平台
- [475星][3y] [Smali] sensepost/kwetza Python 脚本,将 Meterpreter payload 注入 Andorid App
- [447星][9m] [Java] megatronking/netbare Net packets capture & injection library designed for Android
- [252星][16d] [Py] feicong/jni_helper AndroidSO自动化分析工具(非虫)
- [148星][4m] [Java] zhouat/inject-hook for android
- [144星][3y] [C] xmikos/setools-android Unofficial port of setools to Android with additional sepolicy-inject utility included
- [136星][11d] [Lua] lanoox/luject A static injector of dynamic library for application (android, iphoneos, macOS, windows, linux)
- [122星][5y] irsl/adb-backup-apk-injection Android ADB backup APK Injection POC
- [97星][4y] [Shell] jlrodriguezf/whatspwn Linux tool used to extract sensitive data, inject backdoor or drop remote shells on android devices.
- [76星][4y] [Py] moosd/needle Android framework injection made easy
- [56星][4m] [C] shunix/tinyinjector Shared Library Injector on Android
- [55星][4m] [Java] igio90/fridaandroidinjector Inject frida agents on local processes through an Android app
- [52星][2m] [Py] alessandroz/pupy Python编写的远控、后渗透工具,跨平台(Windows, Linux, OSX, Android)
- [52星][14d] [TS] whid-injector/whid-mobile-connector Android Mobile App for Controlling WHID Injector remotely.
- [48星][16d] [Py] ikoz/jdwp-lib-injector inject native shared libraries into debuggable Android applications
- [46星][30d] [Shell] jbreed/apkinjector Android APK Antivirus evasion for msfvenom generated payloads to inject into another APK file for phishing attacks.
- [40星][8m] [Java] ivianuu/contributer Inject all types like views or a conductor controllers with @ContributesAndroidInjector
- [33星][1y] [Groovy] eastwoodyang/autoinject Android 通用的组件自动注册、自动初始化解决方案
- [30星][6m] [Java] cristianturetta/mad-spy 一个用于教育目的的恶意软件
- [24星][5m] [Smali] aress31/sci 用于在Android应用程序中自动化汇编代码注入(trojanting)过程的框架
- [13星][11m] [JS] cheverebe/android-malware Injected malicious code into legitimate andoid applications. Converted a keyboard app into a keylogger and an MP3 downloader into an image thief.
<a id="9ff27f3143a5c619b554185069ecffb0"></a>文章
- 2018.01 [pediy] [分享][原创]修改android app_process elf (实现rrrfff大神 <android全局注入>第一步)
- 2017.08 [360] Dvmap:第一款使用代码注入的Android恶意软件
- 2017.06 [4hou] 小心!Google Play 中出现首个使用代码注入Android恶意软件——Dvmap
- 2017.06 [securelist] 卡巴斯基首次发现代码注入的 Android 恶意 App:运行时将恶意代码注入系统库 libdmv.so 或者 libandroid_runtime.so。此恶意 App 甚至支持64位 Android 系统
- 2015.05 [evilsocket] Android Native API Hooking With Library Injection and ELF Introspection.
- 2015.05 [evilsocket] Dynamically Inject a Shared Library Into a Running Process on Android/ARM
- 2011.10 [pediy] [原创]发个Android平台上的注入代码
- 2011.09 [winsunxu] android注入代码之注入类方法
- 2011.09 [winsunxu] android注入代码,再议寄存器平衡
- 2011.09 [winsunxu] android 代码注入 崩溃 解决方法
<a id="4ffa5c3eb1f3b85e4c38f6863f5b76b2"></a>其他
<a id="fd5f8ada2d4f47c63c3635427873c79c"></a>工具
- [1044星][11d] [Go] banzaicloud/bank-vaults A Vault swiss-army knife: a K8s operator, Go client with automatic token renewal, automatic configuration, multiple unseal options and more. A CLI tool to init, unseal and configure Vault (auth methods, secret engines). Direct secret injection into Pods.
- [980星][12d] [Perl] infobyte/evilgrade 供应链攻击: 注入虚假的update
- [920星][4m] [C++] whid-injector/whid WiFi HID Injector - An USB Rubberducky / BadUSB On Steroids.
- [877星][7m] [C] spacehuhn/wifi_ducky 使用ESP8266 + ATMEGA32U4,远程上传、保存和运行按键注入Payload
- [577星][19d] [TS] samdenty/injectify 对网站实行中间人攻击的框架
- [559星][28d] [Py] shellphish/fuzzer Americanfuzzy lop 的 Python 版本接口
- [555星][11d] [C] libnet/libnet 创建和注入网络数据包
- [509星][10d] [C] nongiach/sudo_inject [Linux] Two Privilege Escalation techniques abusing sudo token
- [501星][7m] [C] hasherezade/demos Demos of various injection techniques found in malware
- [463星][12d] [Perl] chinarulezzz/pixload Image Payload Creating/Injecting tools
- [427星][11d] payloadbox/command-injection-payload-list 一种攻击,其目标是通过易受攻击的应用程序在主机操作系统上执行任意命令
- [420星][2y] [C++] rootm0s/injectors DLL/Shellcode injection techniques
- [380星][15d] veracode-research/solr-injection Apache Solr注入研究
- [380星][15d] veracode-research/solr-injection Apache Solr Injection Research
- [356星][8d] [C++] spacehuhntech/wifiduck Wireless keystroke injection attack platform
- [320星][2y] [C++] exploitagency/esploitv2 为Atmega 32u4/ESP8266通过串口配对设计的WiFi按键注射工具(Cactus WHID固件)。还提供了串行、HTTP和PASV FTP过滤方法,以及名为ESPortal的集成凭据收割机钓鱼工具。
- [317星][10d] [Py] pmsosa/duckhunt Prevent RubberDucky (or other keystroke injection) attacks
- [308星][12d] [C] pulkin/esp8266-injection-example Example project to demonstrate packet injection / sniffer capabilities of ESP8266 IC.
- [299星][18d] [HTML] dxa4481/cssinjection Stealing CSRF tokens with CSS injection (without iFrames)
- [297星][2y] [C] can1357/theperfectinjector Literally, the perfect injector.
- [284星][4m] [C++] fransbouma/injectablegenericcamerasystem This is a generic camera system to be used as the base for cameras for taking screenshots within games. The main purpose of the system is to hijack the in-game 3D camera by overwriting values in its camera structure with our own values so we can control where the camera is located, it's pitch/yaw/roll values, its FoV and the camera's look vector.
- [265星][19d] [C] astsam/rtl8812au RTL8812AU/21AU and RTL8814AU driver with monitor mode and frame injection
- [265星][17d] [Java] portswigger/collaborator-everywhere Burp Suite 扩展,通过注入非侵入性 headers 来增强代理流量,通过引起 Pingback 到 Burp Collaborator 来揭露后端系统
- [264星][2y] [Py] thetwitchy/xxer A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
- [255星][14d] [Py] nteseyes/pylane An python vm injector with debug tools, based on gdb.
- [254星][16d] [C] klsecservices/invoke-vnc executes a VNC agent in-memory and initiates a reverse connection, or binds to a specified port.
- [242星][11d] [JS] sjitech/proxy-login-automator A single node.js script to automatically inject user/password to http proxy server via a local forwarder
- [215星][12d] [Py] google/ukip USB Keystroke Injection Protection
- [212星][2y] [HTML] xsscx/commodity-injection-signatures Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
- [211星][12d] [C++] hiitiger/gelectron gameoverlay solution for Electron, Qt and CEF, just like discord game overlay and steam game overlay, inject any app to overlay in your game
- [197星][5y] [Py] offensivepython/pinject Raw Packet Injection tool
- [170星][3y] [HTML] threatexpress/metatwin The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another.
- [158星][11d] [C] aircrack-ng/rtl8188eus RealTek RTL8188eus WiFi driver with monitor mode & frame injection support
- [157星][7d] icehacks/survivcheatinjector An actual, updated, surviv.io cheat. Works great and we reply fast.
- [149星][25d] [Shell] depoon/iosdylibinjectiondemo Using this Repository to demo how to inject dynamic libraries into cracked ipa files for jailed iOS devices
- [144星][2m] [Py] shengqi158/pyvulhunter python audit tool 审计 注入 inject
- [141星][18d] [Ruby] dry-rb/dry-auto_inject Container-agnostic constructor injection mixin
- [140星][12d] [Go] malfunkt/arpfox An arpspoof alternative (written in Go) that injects spoofed ARP packets into a LAN.
- [135星][16d] [Py] cr0hn/enteletaor Message Queue & Broker Injection tool
- [134星][3m] [C++] michalmonday/supremeduck USB keystroke injector controlled by smartphone.
- [131星][5y] [Py] ricterz/websocket-injection WebSocket 中转注入工具
- [127星][18d] [Py] mandatoryprogrammer/xsshunter_client Correlated injection proxy tool for XSS Hunter
- [126星][3y] [Batchfile] 3gstudent/clr-injection Use CLR to inject all the .NET apps
- [123星][4m] [ObjC] smilezxlee/zxhookdetection 【iOS应用安全】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、IDA反编译分析加密协议示例)
- [118星][2y] [C#] malcomvetter/managedinjection A proof of concept for dynamically loading .net assemblies at runtime with only a minimal convention pre-knowledge
- [117星][5m] [C#] gaprogman/owaspheaders.core A .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security
- [117星][2m] [C++] praetorian-code/vulcan a tool to make it easy and fast to test various forms of injection
- [114星][2m] [Ruby] spiderlabs/beef_injection_framework Inject beef hooks into HTTP traffic and track hooked systems from cmdline
- [113星][3y] [PS] vletoux/ntlminjector In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)
- [112星][2y] cujanovic/crlf-injection-payloads Payloads for CRLF Injection
- [111星][14d] [C++] haram/splendid_implanter BattlEye compatible injector, done completely from user-mode, project by secret.club
- [107星][27d] [C] yurushao/droid_injectso A shared libraries injection tool.
- [106星][4y] [Eagle] zapta/linbus An Arduino based LINBUS stack and signal interceptor/injector.
- [105星][3y] [C++] azuregreen/injectcollection A collection of injection via vc++ in ring3
- [104星][4y] [Makefile] dtrukr/flex_injected Injecting FLEX with MobileSubstrate. Inject FLEX library into 3rd party apps.
- [104星][14d] [Py] tintinweb/electron-inject Inject javascript into closed source electron applications e.g. to enable developer tools for debugging.
- [102星][14d] [C++] whid-injector/whid-31337 WHID Elite is a GSM-enabled Open-Source Multi-Purpose Offensive Device that allows a threat actor to remotely inject keystrokes, bypass air-gapped systems, conduct mousejacking attacks, do acoustic surveillance, RF replay attacks and much more. In practice, is THE Wet Dream of any Security Consultant out there!
- [93星][16d] [Py] pdjstone/wsuspect-proxy Python tool to inject fake updates into unencrypted WSUS traffic
- [92星][2y] [C] 3gstudent/inject-dll-by-process-doppelganging Process Doppelgänging
- [89星][1m] [C] xpn/ssh-inject A ptrace POC by hooking SSH to reveal provided passwords
- [87星][10d] [Py] helpsystems/wiwo wiwo is a distributed 802.11 monitoring and injecting system that was designed to be simple and scalable, in which all workers (nodes) can be managed by a Python framework.
- [86星][4m] [Java] pwntester/dupekeyinjector DupeKeyInjector
- [86星][9m] [Py] safebreach-labs/bitsinject A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as the NT AUTHORITY/SYSTEM account
- [83星][1m] [Go] binject/binjection Injects additional machine instructions into various binary formats.
- [83星][11d] [JS] fastify/light-my-request Fake HTTP injection library
- [83星][17d] [C] oleavr/ios-inject-custom (iOS) 使用Frida注入自定义Payload
- [82星][4m] [C++] changeofpace/mouclassinputinjection MouClassInputInjection implements a kernel interface for injecting mouse input data packets into the input data stream of HID USB mouse devices.
- [78星][2y] [C] alex9191/kernel-dll-injector Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module
- [78星][3y] [C] ernacktob/esp8266_wifi_raw ESP8266 wifi packet injection and receiving experiment
- [75星][17d] [C] liji32/mip MIP – macOS Injection Platform
- [74星][2y] [C++] 3gstudent/inject-dll-by-apc Asynchronous Procedure Calls
- [72星][2m] [C#] komefai/ps4remoteplayinterceptor A small .NET library to intercept and inject controls on PS4 Remote Play for Windows
- [70星][8m] [JS] lfzark/cookie-injecting-tools A chrome extension ,cookie injecting tool includeing injecting ,editing ,adding ,removeing cookies.
- [68星][21d] bastilleresearch/keyjack Device discovery tools and encrypted keystroke injection advisories for Logitech, Dell, Lenovo and AmazonBasics
- [67星][2m] [C] merlijnwajer/tracy tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net
- [66星][4m] [YARA] fuzzysecurity/bluehatil-2020 BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET
- [64星][4m] [C++] changeofpace/mouhidinputhook MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices without modifying the mouse device stacks.
- [62星][8m] [C] gdbinit/osx_boubou A PoC Mach-O infector via library injection
- [62星][2m] [Py] feexd/vbg 使用X11转发的SSH会话远程在客户端执行指令
- [61星][11d] [JS] tserkov/vue-plugin-load-script A Vue plugin for injecting remote scripts.
- [58星][12d] [Py] adhorn/aws-chaos-scripts Collection of python scripts to run failure injection on AWS infrastructure
- [57星][5y] [C++] scadacs/plcinject
- [57星][3m] [C] jar-o/osxinj_tut OSX injection tutorial: Hello World
- [56星][3y] [C++] mq1n/dllthreadinjectiondetector
- [56星][2m] [HTML] webcoding/js_block 研究学习各种拦截:反爬虫、拦截ad、防广告注入、斗黄牛等
- [53星][1m] [C++] vmcall/eye_mapper BattlEye x64 usermode injector
- [52星][4m] [Go] stakater/proxyinjector A Kubernetes controller to inject an authentication proxy container to relevant pods - [✩Star] if you're using it!
- [52星][29d] [C] pwn20wndstuff/injector
- [51星][4m] [C++] anubisss/szimatszatyor World of Warcraft (WoW): SzimatSzatyor is an injector sniffer written in C++
- [51星][4y] [C++] uitra/injectora x86/x64 manual mapping injector using the JUCE library
- [51星][7m] [ObjC] kpwn/inj task_for_pid injection that doesn't suck
- [50星][9y] [Perl] spiderlabs/thicknet TCP session interception and injection framework
- [49星][3m] [JS] pownjs/pown-duct Essential tool for finding blind injection attacks.
- [48星][14d] [Py] nickstadb/patch-apk Wrapper to inject an Objection/Frida gadget into an APK, with support for app bundles/split APKs.
- [47星][3y] [Shell] leanvel/iinject Tool to automate the process of embedding dynamic libraries into iOS applications from GNU/Linux
- [47星][11d] [Py] adhorn/aws-lambda-chaos-injection Chaos Injection library for AWS Lambda
- [46星][1m] [C] gdbinit/gimmedebugah A small utility to inject a Info.plist into binaries.
- [46星][6m] [C] cleric-k/flyskyrxfirmwarerssimod Patched firmwares for the various FlySky receivers to inject RSSI in IBUS channel 14
- [44星][2y] [Py] nullbites/snakeeater Python implementation of the reflective SO injection technique
- [44星][2m] [Py] ledger-donjon/rainbow Makes Unicorn traces. Generic Side-Channel and Fault Injection simulator
- [43星][4m] [C#] equifox/minjector Mono Framework Injector (C#) using MInject Library
- [43星][4y] [C++] sekoialab/binaryinjectionmitigation Two tools used during our analysis of the Microsoft binary injection mitigation implemented in Edge TH2.
- [42星][4m] [Arduino] exploitagency/github-esploit !!! Deprecated See ESPloitV2 !!! Original PoC(Released: Sep 11, 2016) - WiFi controlled keystroke injection Using ESP8266 and 32u4 based Arduino HID Keyboard Emulator
- [39星][4m] [Py] alttch/pptop Open, extensible Python injector/profiler/analyzer
- [38星][10d] [C++] ganyao114/sandboxhookplugin demo for inject & hook in sandbox
- [37星][1m] [JS] dangkyokhoang/man-in-the-middle Modify requests, inject JavaScript and CSS into pages
- [37星][2m] [JS] jackgu1988/dsploit-scripts Scripts that could be injected in MITM attacks using dSploit
- [36星][2m] [C] stealth/injectso
- [35星][2y] [Java] minervalabsresearch/coffeeshot CoffeeShot: Avoid Detection with Memory Injection
- [35星][24d] [Ruby] skulltech/apk-payload-injector POC for injecting Metasploit payloads on arbitrary APKs
- [35星][7m] [Py] tidesec/tdscanner 自动化检测小工具,主要实现了域名枚举、链接爬取、注入检测、主机扫描、目录枚举、敏感信息检测等功能~
- [34星][6y] osiris123/cdriver_loader Kernel mode driver loader, injecting into the windows kernel, Rootkit. Driver injections.
- [34星][1m] [Py] rudsarkar/crlf-injector A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.
- [33星][19d] [JS] ebay/userscript-proxy HTTP proxy to inject scripts and stylesheets into existing sites.
- [32星][2m] [C++] netdex/twinject Automated player and hooking framework for bullet hell games from the Touhou Project
- [31星][23d] [C++] amirrezanasiri/usb-keystroke-injector
- [29星][3y] [Assembly] borjamerino/plcinjector Modbus stager in assembly and some scripts to upload/download data to the holding register of a PLC
- [29星][18d] [C] misje/dhcpoptinj DHCP option injector
- [27星][4m] [Py] fluxius/v2ginjector V2GInjector - Tool to intrude a V2G PowerLine network, but also to capture and inject V2G packets
- [27星][3m] [Py] xfkxfk/pyvulhunter python audit tool 审计 注入 inject
- [25星][9m] [Shell] civisanalytics/iam-role-injector Assumes an IAM role via awscli STS call, injecting temporary credentials into shell environment
- [25星][5m] [C] hatching/tracy tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net
- [25星][9m] [JS] sbarre/proxy-local-assets BrowserSync-based Gulpfile to inject local development assets into a remote site
- [24星][2y] retrogamer74/firmwarev5.05_mirahen_baseinjection Mira HEN 5.05 PS4 Fast developed firmware just for the basic injection
- [23星][1y] [JS] 0xsobky/xssbuster XSSB is a proactive DOM sanitizer, defending against client-side injection attacks!
- [23星][1m] [C] kismetwireless/lorcon LORCON 802.11 Packet Injection Library (Mirror of Kismet repository)
- [22星][4m] [C++] arsunt/tr2main Tomb Raider II Injector Dynamic Library
- [22星][3y] [Cycript] keith/injecturlprotocol Inject a custom NSURLProtocl into a running application
- [22星][2y] [Py] swisskyrepo/whid_toolkit Simple script for the WHID injector - a rubberducky wifi
- [21星][4m] [Py] bountystrike/injectus CRLF and open redirect fuzzer
- [20星][1m] [Py] migolovanov/libinjection-fuzzer This tool was written as PoC to article
- [20星][2m] [Smarty] saltwaterc/aircrack-db A list of wireless cards tested with the dual-card injection test and in the field
- [19星][1m] [Java] toparvion/jmint jMint is a Side Effect Injection (SEI) tool aimed at simplicity of modifications expression
- [17星][2y] [Py] mostafasoliman/cve-2017-6079-blind-command-injection-in-edgewater-edgemarc-devices-exploit
- [17星][2y] [C] paullj1/w-swfit x64 Windows Software Fault Injection Tool
- [16星][7y] cccssw/jynkbeast A novel rootkit under linux(test under cents 5.4) combine with preload_inject and sys_table modify
- [16星][12d] [JS] freehuntx/frida-inject This module allows you to easily inject javascript using frida and frida-load.
- [15星][17d] [Py] ezelf/modbuskiller [#Schneider] Dos PLC Modicon via Modbus Injection
- [14星][2y] chango77747/shellcodeinjector_msbuild
- [13星][1y] [JS] lukaszmakuch/snabbdom-signature Protects your app against vnode injection.
- [13星][2y] [C] mnavaki/faros FAROS: Illuminating In-Memory Injection Attacks via Provenance-based Whole System Dynamic Information Flow Tracking
- [12星][3y] [C++] wyexe/x64injector
- [12星][4m] [Java] orhun/apkservinject Tool for injecting (smali) services to APK files
- [11星][7y] [Component Pascal] dilshan/kidogo Open Source USB Digital Signal Injector
- [11星][2m] [C] resilar/psyscall Linux syscall() injection
- [11星][9m] [C] wrenchonline/kernelapcinject
- [10星][1y] [C#] guitmz/msil-cecil-injection Injection of MSIL using Cecil
- [10星][26d] [C++] hrt/mouseinjectdetection Simple method of checking whether or not mouse movement or buttons (<windows 10) are injected
- [10星][3m] [C++] jamesits/bgrtinjector Customize boot logo without modifying BIOS (UEFI firmware).
- [9星][16d] [JS] davuxcom/frida-scripts Inject JS and C# into Windows apps, call COM and WinRT APIs
- [8星][2y] [C++] xiaobo93/unmodule_shellcode_inject 无模块注入工程 VS2008
- [8星][7m] [JS] omarkurt/ssjs SSJS Web Shell Injection Case
- [7星][6m] [Shell] enixes/injectorist A simple script to check all Wireless cards connected to your computer for Packet Injection capability
- [7星][2m] [C] idigitalflame/inyourmems Windows Antivirus Evasion and Memory Injection
- [7星][2y] [CSS] kp625544/runtime_secure Injecting Security at run-time for web applications
- [7星][5m] [ObjC] troyzhao/aanticrack 注入与反注入工具 Disabled the injection defenses tool
- [7星][8m] [C] anyfi/wperf 802.11 frame injection/reception tool for Linux mac80211 stack
- [6星][8y] [C++] yifanlu/psxperia-wrapper Loads injected PSX games on Xperia Play
- [6星][5y] [C] mwwolters/dll-injection
- [6星][2y] [C] moepinet/moepdefend Example monitoring/injection tool based on libmoep
- [6星][3y] [JS] juzna/packet-injector Packet analyzer and injector, written in JavaScript
- [5星][5m] [Java] zabuzaw/mem-eater-bug API that provides various methods for memory manipulation and injection using JNA.
- [5星][6m] [C++] sh0/airown Packet injection tool
- [4星][4m] [C#] mojtabatajik/.net-code-injector Proof of concept of .Net worms
- [3星][1y] [JS] mhelwig/wp-webshell-xss A simple wordpress webshell injector
- [3星][7m] [C++] sujuhu/antinject
- [2星][4y] [c++] C4t0ps1s/injectme
- [2星][6m] [Java] conanjun/xssblindinjector burp插件,实现自动化xss盲打以及xss log
- [2星][2y] [JS] mylesjohnson/pipe-injector Node.js script that can detect when "curl ... | bash" is being used and serve a different file than normal
- [2星][2y] [C] neocui/uefi-var-in-disk Inject the UEFI variable in the first sector of hard disk
- [2星][2y] [C++] wqqhit/dnshijack A tool to poison a systems DNS cache by injecting faked DNS responses.
- [2星][2y] [JS] xymostech/aphrodite-globals A library for injecting global-scope styles using Aphrodite.
- [2星][4y] [C] derosier/packetvector 802.11 management packet injection tool based on packetspammer
- [2星][2m] [C] trustedsec/inproc_evade_get-injectedthread PoC code from blog
- [1星][2y] [C] abapat/dnspoison A DNS packet injection and poisoning detection utility
- [1星][8y] [C++] iagox86/old-injector
- [1星][8m] [Go] joanbono/pixload Image Payload Creating/Injecting tools
- [1星][3y] [C++] bradleykirwan/disassociatedwifi A user space application for injecting packets into a WiFi interface in monitor mode.
- [1星][8y] [C] iitis/iitis-generator Software for distributed statistical evaluation of IEEE 802.11 wireless networks using Linux mac80211 packet injection facility
- [1星][2y] [Py] cardangi/xss-injector-python3- XSS PoC
- [1星][6m] [Py] gunnargrosch/serverless-chaos-demo This example demonstrates how to use Adrian Hornsby's Failure Injection Layer (
- [0星][2y] [C] brorica/http_inject
- [0星][1y] phuctam/server-side-template-injection-in-craftcms-
- [0星][4y] [Py] dshtanger/zabbix_insertdb_injection_analy
- [None星][JS] sajjadium/origintracer OriginTracer: An In-Browser System for Identifying Extension-based Ad Injection
- [None星][C] kebugcheckex0xfffffff/kernel-dll-injector Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module
- [None星][C++] contionmig/millin-injector Millin Injector offers many features which can aid in creating usermode cheats. Its meant to be light weight and allow users to view things such as loaded modules, imports and other smaller things
- [None星][Java] zabuzard/mem-eater-bug API that provides various methods for memory manipulation and injection using JNA.
- [None星][Py] roottusk/xforwardy Host Header Injection Scanner
- [None星][C#] thenameless314159/sockethook Socket hook is an injector based on EasyHook which redirect the traffic to your local server.
<a id="7004b87c5ab514b352dd7cc91acdd17b"></a>文章
- 2020.05 [netsparker] Top 5 Most Dangerous Injection Attacks
- 2020.03 [rpis] Injecting into 32-bit programs on macOS Mojave
贡献
内容为系统自动导出, 有任何问题请提issue