@@ -63,7 +63,7 @@ SHELLCODE execute locally.
636314 . close opened handle using ` CloseHandle `
6464
6565## create_remote_thread
66- SHELLCODE execute remotely.
66+ SHELLCODE execute remotely.
6767inject ` explorer.exe ` by default.
68681 . get pid by process name using crate ` sysinfo `
69692 . get handle using ` OpenProcess `
@@ -74,7 +74,7 @@ inject `explorer.exe` by default.
74747 . close opened handle using ` CloseHandle `
7575
7676## create_remote_thread_native
77- SHELLCODE execute remotely.
77+ SHELLCODE execute remotely.
7878inject ` explorer.exe ` by default.
7979this is same with [ create_remote_thread] ( #create_remote_thread ) , but without crate ` windows-sys `
8080using crate ` libloading ` get functions from dlls.
@@ -93,7 +93,7 @@ this is same with [create_thread](#create_thread), but without crate `windows-sy
9393using crate ` libloading ` get functions from dlls.
9494
9595## early_bird
96- SHELLCODE execute remotely.
96+ SHELLCODE execute remotely.
9797create and inject ` svchost.exe ` by default.
98981 . create a process using ` CreateProcessA `
99992 . alloc remote memory using ` VirtualAllocEx `
@@ -121,7 +121,7 @@ SHELLCODE execute locally.
1211215 . execute fn
122122
123123## module_stomping
124- SHELLCODE execute remotely.
124+ SHELLCODE execute remotely.
125125inject ` notepad.exe ` by default.
1261261 . get pid by process name using crate ` sysinfo `
1271272 . get handle using ` OpenProcess `
@@ -148,7 +148,7 @@ SHELLCODE execute locally.
1481486 . execute SHELLCODE using ` NtQueueApcThreadEx `
149149
150150## rtl_create_user_thread
151- SHELLCODE execute remotely.
151+ SHELLCODE execute remotely.
152152inject ` explorer.exe ` by default.
1531531 . get ` RtlCreateUserThread ` funtion from ` ntdll ` using ` LoadLibraryA ` and ` GetProcAddress `
1541542 . get pid by process name using crate ` sysinfo `
0 commit comments