process_chameleon
process_chameleon copied to clipboard

Published 20 hours ago •

→

Metadata

A process overwriting its own PEB to make an illusion that it has been loaded from a different path.

Readme
Issues

Process Chameleon

This is my "lil_calc" PoC presented on the video:
Test with ProcessExplorer vs TaskManager
It is not FUD, but it can fool some tools and it can be used as a test case. The process overwrites its own PEB to create an illusion, that it has been loaded from a different path.

About

A process overwriting its own PEB to make an illusion that it has been loaded from a different path.

Stars

Forks

Watchers

Owner

hasherezade

← Metadata

Stars

Forks

Watchers

Owner

hasherezade

Metadata

A process overwriting its own PEB to make an illusion that it has been loaded from a different path.

Back

process_chameleon process_chameleon copied to clipboard

Metadata

Process Chameleon

← Metadata

Owner

Metadata

process_chameleon
process_chameleon copied to clipboard