This is a poc for process hollowing shellcode technique wwritten in C# and made by crypt0ace. My edits consist only in a passphrase rather than a single char XOR routine.
It also contains a powershell script hollow.ps1
which can load the program in it if you wanna do it all in memory without touching disk. Remember to change the IP.
Also includes a AMSI bypass which is loaded in the hollow.ps1
script. The bypass is courtesy of CRTP by pentester academy.
The obfuscated version is obfuscated with Rosfuscator by Melvin Langvik.