https://github.com/cyb3rv1c/threadveil
Tool That Injects Shell via Remote Thread Hijacking
anti-analysis edr-bypass rc4-decryption remote-thread-injection
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/cyb3rv1c/threadveil
- Owner: Cyb3rV1c
- License: mit
- Created: 2024-11-15T21:07:40.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2024-11-19T15:26:55.000Z (6 months ago)
- Last Synced: 2025-02-01T10:42:32.671Z (4 months ago)
- Topics: anti-analysis, edr-bypass, rc4-decryption, remote-thread-injection
- Language: C++
- Homepage:
- Size: 31.3 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# ThreadVeil
**Description :**
A Windows tool that decrypts RC4-encrypted shellcode and injects it using the Remote Thread Hijacking technique, incorporating API obfuscation to keep the resolved imports out of the IAT and evade signature-based detection by AVs.
# Features
**[+] Obfuscation Techniques:** Employs RC4 encryption of the shellcode to avoid signature-based detection and incorporates API obfuscation.
**[+] Remote Thread Hijacking:** A technique in which an external process takes control of a suspended thread in a target process to execute its own code.
**[+] Anti-Debugging/Anti-Sandboxing:** Validates the environment first; the tool won't execute if there is no internet connection or if specific processes are running in the background.
# Getting Started
**Installation**
1. Clone the repository:
```
git clone https://github.com/Cyb3rV1c/ThreadVeil
```
# Usage
1. Add your RC4-encrypted shellcode in ThreadVeil.cpp
2. Specify the secret key used for decryption
3. Compile and run.
# Example Output
**Execution**


# Disclaimer
**This project is intended for educational and research purposes only.** The code provided in this repository is designed to help individuals understand and improve their knowledge of cybersecurity, ethical hacking, and malware analysis techniques. It must not be used for malicious purposes or in any environment where you do not have explicit permission from the owner.