Add: hasherezade/process_chameleon to Defense Evasion section

2024-06-25 05:02:13 +00:00 · 2021-10-27 16:32:14 +07:00 · 2021-10-27 16:32:14 +07:00 · aaabdfe2fa
commit aaabdfe2fa
parent e6d0a0b7d9
1 changed files with 4 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -1354,6 +1354,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/hasherezade/module_overloading">hasherezade/module_overloading</a></td>
        <td>A more stealthy variant of "DLL hollowing"</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/hasherezade/process_chameleon">hasherezade/process_chameleon</a></td>
+        <td>A process overwriting its own PEB to make an illusion that it has been loaded from a different path.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/hasherezade/transacted_hollowing">hasherezade/transacted_hollowing</a></td>
        <td>Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging</td>