Topic: "ntapi"
M2TeamArchived/NSudo
[Deprecated, work in progress alternative: https://github.com/M2Team/NanaRun] Series of System Administration Tools
Language: C++ - Size: 15.9 MB - Last synced at: 1 day ago - Pushed at: over 2 years ago - Stars: 2,041 - Forks: 225

ricardojoserf/NativeDump
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
Language: C# - Size: 271 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 471 - Forks: 65

ricardojoserf/TrickDump
Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
Language: C# - Size: 580 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 446 - Forks: 50

f1zm0/hades
Go shellcode loader that combines multiple evasion techniques
Language: Go - Size: 2.12 MB - Last synced at: 26 days ago - Pushed at: almost 2 years ago - Stars: 364 - Forks: 46

ricardojoserf/NativeBypassCredGuard
Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
Language: C++ - Size: 161 KB - Last synced at: 24 days ago - Pushed at: 24 days ago - Stars: 234 - Forks: 28

voidvxvt/HellBunny
Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
Language: C - Size: 617 KB - Last synced at: 25 days ago - Pushed at: 4 months ago - Stars: 101 - Forks: 19

diversenok/NtTools
Some random system tools for Windows
Language: Pascal - Size: 17.6 KB - Last synced at: over 1 year ago - Pushed at: about 3 years ago - Stars: 98 - Forks: 21

tenox7/regln
Windows Registry Linking Utility
Language: C - Size: 24.4 KB - Last synced at: 9 months ago - Pushed at: almost 4 years ago - Stars: 47 - Forks: 10

brosck/APIHookingDetector
Detect which native Windows APIs (NtAPI) are being hooked
Language: C++ - Size: 98.6 KB - Last synced at: 23 days ago - Pushed at: 5 months ago - Stars: 38 - Forks: 8

ricardojoserf/NativeNtdllRemap
Remap ntdll.dll using only NTAPI functions with a suspended process
Language: C++ - Size: 35.2 KB - Last synced at: 19 days ago - Pushed at: 19 days ago - Stars: 18 - Forks: 3

lzcapp/NotMe-BSOD
Codes that could trigger BSOD (Blue Screen of Death) on Windows.
Language: C - Size: 239 KB - Last synced at: 9 days ago - Pushed at: 3 months ago - Stars: 18 - Forks: 1

reverseame/winapi-categories
Windows API (WinAPI) functions and system calls with categories in JSON format, including arguments (SAL notation) and more.
Language: Python - Size: 13.6 MB - Last synced at: 19 days ago - Pushed at: about 2 months ago - Stars: 14 - Forks: 1

KNSoft/KNSoft.NDK
KNSoft.NDK provides native C/C++ definitions and import libraries for Windows NT and some specifications.
Language: C - Size: 1.48 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 11 - Forks: 3

MauriceKayser/rs-winapi2
Microsoft Windows user-mode API access with clean Rust types.
Language: Rust - Size: 251 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 11 - Forks: 2

apriorit/APIHookingLibraries
Samples that show how to use API Hook libraries: Detours, Deviare, MHook, EasyHook to hide files with the "+/*.txt" file name pattern.
Language: C++ - Size: 10.7 MB - Last synced at: 22 days ago - Pushed at: over 2 years ago - Stars: 11 - Forks: 8

diversenok/Things-AppContainer-Knows
Disclosing information from an AppContainer.
Language: Pascal - Size: 36.1 KB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 11 - Forks: 6

mez-0/NTAPI-FNV
Resolve NTAPI Functions from the Export Table with FNV Hashing.
Language: C++ - Size: 11.7 KB - Last synced at: over 1 year ago - Pushed at: about 4 years ago - Stars: 8 - Forks: 1

vertver/WindowsHacks
Windows Hacks by Windows Programmer
Language: C++ - Size: 199 KB - Last synced at: about 2 years ago - Pushed at: almost 6 years ago - Stars: 8 - Forks: 1

krystianbajno/winapi-search
Documented and undocumented WinAPI search.
Language: TypeScript - Size: 309 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 7 - Forks: 0

dz333n/ReactOS-Kernel
Win32less fork of ReactOS (only kernel and NT programs)
Language: C - Size: 364 MB - Last synced at: 6 days ago - Pushed at: almost 5 years ago - Stars: 7 - Forks: 1

Print3M/malware-dev
Windows malware development C/C++ snippets.
Language: C - Size: 11.7 KB - Last synced at: 18 days ago - Pushed at: over 1 year ago - Stars: 6 - Forks: 0

cr-0w/kuronotori
process injector
Language: C++ - Size: 150 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 4 - Forks: 0

marv2097/gontapi
A golang wrapper for Napatech's API - Allows packet capture directly into go applications with the use of NTPL filters.
Language: Go - Size: 16.6 KB - Last synced at: over 1 year ago - Pushed at: almost 5 years ago - Stars: 2 - Forks: 1

arimaqz/winapi-obfuscator
obfuscate WINAPI/NTAPI calls easily.
Language: Python - Size: 13.7 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

0xvpr/offensive-kernel-mode-c
A dedicated repository for exploring offensive kernel-mode techniques.
Language: C - Size: 4.88 KB - Last synced at: 2 months ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0

0xvpr/anti-debugging-mingw-x64 Fork of guidedhacking/anti-debugging
x64 rewrite of GuidedHacking's Anti-debugging techniques on a (bad looking) Win32 application.
Language: C++ - Size: 128 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

A5M1/fakewer
contains code for fakewer, dll sideloading poc / writeup
Language: C# - Size: 136 KB - Last synced at: 2 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0
