GitHub - dru1d-foofus/NtCreateUserProcess: Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html

This repo contains a minimal working PoC to create a process using the native API function NtCreateUserProcess(). An accompanying post about this code can be read at https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html

Additional work was done to add PPID spoofing and BlockDLL functionality, as well as a simple way of running shellcode in the created process's thread.

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
.gitattributes		.gitattributes
.gitignore		.gitignore
HelloWorld.bin		HelloWorld.bin
NtCreateUserProcess.sln		NtCreateUserProcess.sln
NtCreateUserProcess.vcxproj		NtCreateUserProcess.vcxproj
NtCreateUserProcess.vcxproj.filters		NtCreateUserProcess.vcxproj.filters
README.md		README.md
main.cpp		main.cpp
ntdll.h		ntdll.h

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

About

Releases

Packages

Languages

dru1d-foofus/NtCreateUserProcess

Folders and files

Latest commit

History

Repository files navigation

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages