View Code? Open in Web Editor
NEW
This project forked from 0xyg3n/pex64-injector
Inject your x64 bit executable to any process, masking it as a legitimate process for Anti-Virus evasion.
Home Page: https://discord.link/0xyg3n
pex64-injector's Introduction
PEx64-Injector (Process Migrator)
Migrate any x64 exe to any x64 process (Net FrameWork 3.5)
No Administrator privileges required.
![PoC](https://camo.githubusercontent.com/82c759fdb642a0b17264da034909fbbac95d988e2fab8a86cdae14e16975959b/68747470733a2f2f692e696d6775722e636f6d2f67494c496262642e676966)
![shot](https://camo.githubusercontent.com/2e5325c326e149edd8c2a1eb06caaca35e95bc9b043b9597890b99a1efd636b2/68747470733a2f2f692e696d6775722e636f6d2f304547685932722e706e67)
Usage: Migrator.exe payload(fpath) Migratefile(fpath)
Example: Migrator.exe C:\Users\User\Desktop\Putty64.exe C:\Windows\System32\notepad.exe
Keep as a note that when you specify the migratefile it will launch as a new process and won't migrate to an already running process.
Such tool can be utilized for AV evasion, masking malicious software under legitimate process.
![Code](https://camo.githubusercontent.com/4055ddfd8c9c10e27eca0582c9ed7393c81510b035430eeb684e6f989b8304ec/68747470733a2f2f692e696d6775722e636f6d2f4f5479484b38622e706e67)
Todo: download/execute function to load remote files.
pex64-injector's People
Contributors