TikiTorch – Process Injection Tool

TikiTorch was named in homage to CACTUSTORCH by Vincent Yiu. The basic concept of CACTUSTORCH is that it spawns a new process, allocates a region of memory, then uses CreateRemoteThread to run the desired shellcode within that target process. Both the process and shellcode are specified by the user.

This is pretty flexible as it allows an operator to run an HTTP agent in a process such as iexplore.exe, rather than something more arbitrary like rundll32 or powershell.

TikiTorch follows the same concept but has multiple types of process injection available, which can be specified by the user at compile time.


TikiTorch is a Visual Basic solution, split into 8 projects.

  • TikiLoader
  • TikiSpawn
  • TikiSpawnAs
  • TikiSpawnElevated
  • TikiCpl
  • TikiService
  • TikiThings
  • TikiVader

In the first instance, please see the Wiki for usage instructions.

Example of TikiTorch can be found here.

Source : Haxf4rall

Previous ArticleNext Article
Send this to a friend