Hecate is a cross-platform process manipulation framework for personal research.
It provides abstractions for:
- Remote memory interaction
- Injection techniques
- Pattern scanning
- Hooking mechanisms
- Windows / POSIX backend separation
Hecate is a personal project - Though I'd appreciate any contributions and feedback.
- Discord: @kauht or @yuhbayn
- Discord Server: https://discord.gg/WVMHUgrgeH
- GitHub: https://github.com/kauht/Hecate
- Typed read/write utilities
- Raw region access
- Pointer chain resolution
- String extraction
- Module enumeration
- AOB pattern scanning
- Wildcard signatures
- Section-aware scanning
- ASLR-safe resolution
- Remote allocation utilities
- Shellcode execution
- LoadLibrary injection (Windows)
- dlopen injection (Linux)
- Manual mapping loader
- Inline trampolines
- VTable swapping
- IAT patching
- Disassembler integration (Capstone / Zydis)
- Windows / Linux backend abstraction
- Static + shared builds (.lib/.a/.dll/.so)
- Optional header-only distribution
- Public API documentation
- Stable error handling model
- Safe typed read/write
- Region querying
- Pointer chain utilities
- Wildcard AOB scanning
- Efficient region scanning
- Module-relative resolution
- LoadLibrary injection
- dlopen injection
- Reflective/manual mapping
- Inline trampolines
- Disassembly-assisted relocation
- VTable swapping
- Unified internal/external API
- Optional kernel backend
- Extended research documentation
See RESEARCH.md for a structured learning roadmap for each subsystem, feel free to check it out and learn along with me!
Hecate is licensed under the MIT License.
See the LICENSE file for full terms.