Skip to content

Commit

Permalink
added key feature to README
Browse files Browse the repository at this point in the history
  • Loading branch information
@itaymigdal
itaymigdal committed Feb 7, 2024
1 parent 3d871dc commit 0e1afdf
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 1 deletion.
Binary file modified PichichiH0ll0wer/build.exe
View file
Binary file not shown.
4 changes: 3 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,8 @@ Supports only x64 EXEs currently.
- Can block unsigned microsoft DLLs from being loaded to the hollowed process
- Supports anti-debug techniques with the ability to die or to execute useless calculations ('troll' mode)
- Obfuscated sleep using useless calculations
- Support execution within VEH
- Supports execution within VEH
- Supports command line key to enable execution

# Injection methods
1. Simple hollowing: just the usual stuff: VirtualAlloc -> WriteProcessMemory -> GetThreadContext -> SetThreadContext -> ResumeThread.
Expand Down Expand Up @@ -82,6 +83,7 @@ Options:
-t, --sleep=SLEEP Number of seconds to sleep before hollowing (default: 0)
-g, --anti-debug=ANTI_DEBUG
Action to perform upon debugger detection Possible values: [none, die, troll] (default: none)
-k, --key=KEY Hollower will run only when this supplied key is a command line argument (default: )
-v, --veh Hollow will occur within VEH
-d, --debug Compile as debug instead of release (loader is verbose)
```
Expand Down

0 comments on commit 0e1afdf

Please sign in to comment.