Tagged: NimHollow

Process Hollowing Nim

NimHollow: Nim implementation of Process Hollowing

NimHollow

Playing around with the Process Hollowing technique using Nim.

Features:
- Direct syscalls for triggering Windows Native API functions with NimlineWhispers.
- Shellcode encryption/decryption with AES in CTR mode.
- Simple sandbox detection methods from the OSEP course by @offensive-security....