{"id":16494082,"url":"https://github.com/xaff-xaff/kernel-process-hollowing","last_synced_at":"2025-05-12T03:32:11.111Z","repository":{"id":177057044,"uuid":"659895311","full_name":"XaFF-XaFF/Kernel-Process-Hollowing","owner":"XaFF-XaFF","description":"Windows x64 kernel mode rootkit process hollowing POC. ","archived":false,"fork":false,"pushed_at":"2023-06-30T12:17:58.000Z","size":28,"stargazers_count":186,"open_issues_count":0,"forks_count":27,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-03-31T23:51:07.093Z","etag":null,"topics":["kernel-driver","processhollowing","rootkit","windows","x64"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/XaFF-XaFF.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-06-28T19:54:42.000Z","updated_at":"2025-03-16T21:34:18.000Z","dependencies_parsed_at":"2023-07-10T06:00:24.631Z","dependency_job_id":null,"html_url":"https://github.com/XaFF-XaFF/Kernel-Process-Hollowing","commit_stats":null,"previous_names":["xaff-xaff/kernel-process-hollowing"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/XaFF-XaFF%2FKernel-Process-Hollowing","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/XaFF-XaFF%2FKernel-Process-Hollowing/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/XaFF-XaFF%2FKernel-Process-Hollowing/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/XaFF-XaFF%2FKernel-Process-Hollowing/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/XaFF-XaFF","download_url":"https://codeload.github.com/XaFF-XaFF/Kernel-Process-Hollowing/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253668103,"owners_count":21944983,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["kernel-driver","processhollowing","rootkit","windows","x64"],"created_at":"2024-10-11T14:11:58.797Z","updated_at":"2025-05-12T03:32:11.097Z","avatar_url":"https://github.com/XaFF-XaFF.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Windows Kernel Mode Process Hollowing\n\nThis project is a proof of concept of how the Process Hollowing technique works from the kernel level.\n\n### Resources\n\n[SSDT Hook](https://github.com/Idov31/Jormungandr)\n\n[Process Hollowing](https://github.com/XaFF-XaFF/ZwProcessHollowing)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxaff-xaff%2Fkernel-process-hollowing","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fxaff-xaff%2Fkernel-process-hollowing","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fxaff-xaff%2Fkernel-process-hollowing/lists"}