Beacon Object File (BOF) that leverages Native APIs to achieve process injection through memory section mapping. It implements two commands via an Aggressor Script: one to inject beacon shellcode for a selected listener into the desired process, and one to inject the user's desired shellcode - loaded from a bin file - into the desired process. These are sec-inject and sec-shinject respectively.
- Currently, this is only implemented for x64 processes.
git clone https://github.com/apokryptein/secinject.git
cd secinject/src
make
sec-inject PID LISTENER-NAME
sec-shinject PID /path/to/bin
https://github.com/EspressoCake/Process_Protection_Level_BOF/
https://github.com/rsmudge/CVE-2020-0796-BOF/blob/master/src/libc.c
https://github.com/connormcgarr/cThreadHijack/