{"id":35881,"date":"2025-01-29T11:20:42","date_gmt":"2025-01-29T11:20:42","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=35881"},"modified":"2025-01-29T11:20:47","modified_gmt":"2025-01-29T11:20:47","slug":"process-inject-kit","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/","title":{"rendered":"Process Inject Kit : Elevating Penetration Testing With Advanced Injection Capabilities"},"content":{"rendered":"\n<p>The <strong>Process Inject Kit<\/strong> is a specialized toolkit designed to enhance and customize process injection techniques in Cobalt Strike, a popular penetration testing tool. <\/p>\n\n\n\n<p>Originally implemented in C, it has been ported to the C++ Beacon Object File (BOF) template, providing developers with greater flexibility and efficiency in defining and deploying custom injection techniques.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Core Features<\/strong><\/h2>\n\n\n\n<p>The Process Inject Kit offers the following components:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Source Code<\/strong>: Implements built-in process injection techniques.<\/li>\n\n\n\n<li><strong>Aggressor Script<\/strong>: Facilitates integration of custom hooks into Cobalt Strike.<\/li>\n\n\n\n<li><strong>Visual Studio Solution<\/strong>: Allows users to compile code and generate a distribution directory for deployment.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Key Injection Hooks<\/strong><\/h2>\n\n\n\n<p>The kit revolves around two primary hooks introduced in Cobalt Strike 4.5:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>PROCESS_INJECT_SPAWN<\/strong>: Enables users to define how the &#8220;fork and run&#8221; process injection technique is implemented. 
This method involves spawning a new process and injecting code into it, offering stability but requiring customization for operational security (OPSEC) improvements.<\/li>\n\n\n\n<li><strong>PROCESS_INJECT_EXPLICIT<\/strong>: Allows explicit injection into an existing process, giving users control over memory allocation, code writing, and execution flow.<\/li>\n<\/ol>\n\n\n\n<p>These hooks replace the default built-in methods, empowering users to tailor injection techniques for specific post-exploitation scenarios such as running keyloggers, capturing screenshots, or executing payloads like Mimikatz.<\/p>\n\n\n\n<p>To utilize the Process Inject Kit:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Build the Visual Studio solution in Release mode for both x64 and x86 architectures.<\/li>\n\n\n\n<li>Load the <code>process-inject.cna<\/code> script into Cobalt Strike to activate the custom hooks.<\/li>\n<\/ol>\n\n\n\n<p>Developers are encouraged to modify the kit to suit their engagement needs. <\/p>\n\n\n\n<p>For example, they can integrate advanced OPSEC measures or experiment with alternative injection methods like indirect syscalls (e.g., Tartarus Gate). <\/p>\n\n\n\n<p>This flexibility makes the kit valuable for red team operations requiring stealthy and adaptable techniques.<\/p>\n\n\n\n<p>The Process Inject Kit enhances the versatility of Cobalt Strike by enabling tailored process injection strategies. It supports developers in improving OPSEC while maintaining compatibility with existing workflows. <\/p>\n\n\n\n<p>By leveraging this kit, penetration testers can execute more sophisticated and secure post-exploitation activities.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Process Inject Kit is a specialized toolkit designed to enhance and customize process injection techniques in Cobalt Strike, a popular penetration testing tool. 
Originally implemented in C, it has been ported to the C++ Beacon Object File (BOF) template, providing developers with greater flexibility and efficiency in defining and deploying custom injection techniques. Core [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":35885,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[22],"tags":[737,6321,6052],"class_list":["post-35881","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-et","tag-cybersecurity","tag-informationsecurity","tag-kalilinux"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Process Inject Kit : Elevating Penetration Testing With Advanced<\/title>\n<meta name=\"description\" content=\"The Process Inject Kit is a specialized toolkit designed to enhance and customize process injection techniques in Cobalt Strike, a popular\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Process Inject Kit : Elevating Penetration Testing With Advanced\" \/>\n<meta property=\"og:description\" content=\"The Process Inject Kit is a specialized toolkit designed to enhance and customize process injection techniques in Cobalt Strike, a popular\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2025-01-29T11:20:42+00:00\" \/>\n<meta 
property=\"article:modified_time\" content=\"2025-01-29T11:20:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Process-Inject-Kit.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Varshini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Varshini\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/\"},\"author\":{\"name\":\"Varshini\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\"},\"headline\":\"Process Inject Kit : Elevating Penetration Testing With Advanced Injection 
Capabilities\",\"datePublished\":\"2025-01-29T11:20:42+00:00\",\"dateModified\":\"2025-01-29T11:20:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/\"},\"wordCount\":329,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Process-Inject-Kit.webp\",\"keywords\":[\"cybersecurity\",\"informationsecurity\",\"kalilinux\"],\"articleSection\":[\"Exploitation Tools\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/\",\"name\":\"Process Inject Kit : Elevating Penetration Testing With Advanced\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Process-Inject-Kit.webp\",\"datePublished\":\"2025-01-29T11:20:42+00:00\",\"dateModified\":\"2025-01-29T11:20:47+00:00\",\"description\":\"The Process Inject Kit is a specialized toolkit designed to enhance and customize process injection techniques in Cobalt Strike, a 
popular\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/process-inject-kit\/#primaryimage\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Process-Inject-Kit.webp\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Process-Inject-Kit.webp\",\"width\":1600,\"height\":900},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux 
Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\",\"name\":\"Varshini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"caption\":\"Varshini\"},\"description\":\"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.\",\"sameAs\":[\"http:\/\/kalilinuxtutorials.com\",\"https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/\"],\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","jetpack_featured_media_url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Process-Inject-Kit.webp","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/35881","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=35881"}],"version-history":[{"count":3,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/35881\/revisions"}],"predecessor-version":[{"id":35884,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/35881\/revisions\/35884"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/35885"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=35881"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=35881"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=35881"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}