This is a poc for process hollowing shellcode technique wwritten in C# and made by crypt0ace. My edits consist only in a passphrase rather than a single char XOR routine.

It also contains a powershell script hollow.ps1 which can load the program in it if you wanna do it all in memory without touching disk. Remember to change the IP.

Also includes a AMSI bypass which is loaded in the hollow.ps1 script. The bypass is courtesy of CRTP by pentester academy.

The obfuscated version is obfuscated with Rosfuscator by Melvin Langvik.