Rust-for-Malware-Development

Process Argument Spoofing

Process Argument Spoofing is a technique used to manipulate or hide command-line arguments of a process, making it harder for security tools to detect the actual parameters passed to the program.

⬇️ Download

Features

• Process argument spoofing implementation in Rust
• Uses Windows API and NT API for process manipulation
• Demonstrates process memory manipulation techniques

Requirements

• Rust toolchain
• Required dependencies:
  • winapi
  • ntapi
  • memoffset

Installation

1. Clone the repository
2. Navigate to the project directory
3. Run cargo build to compile the project

Usage

1. Build the project using Cargo:

   cargo build --release
   

2. Run the executable:

   ./target/release/process_argument_spoofing.exe
   

References

• https://www.ired.team/offensive-security/defense-evasion/parent-process-id-ppid-spoofing

Author

@5mukx

This site is open source. Improve this page.