3xp0rt / VX-API
Collection of various WINAPI tricks / features used or abused by Malware
☆13 Updated 3 years ago
Alternatives and similar repositories for VX-API
Users that are interested in VX-API are comparing it to the libraries listed below
- Simple ransomware written in Rust. Part of the building a rustomware blog post. ☆32 Updated last year
- ☆12 Updated last year
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆20 Updated 2 years ago
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io ☆82 Updated last year
- Inject shellcode into a valid BMP/GIF image. ☆30 Updated 4 years ago
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go. ☆36 Updated last year
- Go ransomware leveraging ChaCha20 and ECIES encryption with a web-based control panel. ☆32 Updated last month
- Analyzers for Portable Executable anomalies and other malware behavior. ☆32 Updated 11 months ago
- Rust Weaponization for Red Team Engagements. ☆11 Updated 2 years ago
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add. ☆27 Updated 2 months ago
- A privilege escalation vulnerability exists in Windows due to a flaw in the implementation of the Atom Table. An attacker could exploit t… ☆27 Updated 8 months ago
- A utility that can be used to launch an executable with a DLL injected ☆20 Updated last year
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats. ☆47 Updated last year
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes. ☆62 Updated last year
- Coyote is a standalone C# post-exploitation implant for maintaining access to compromised Windows infrastructure during red team engageme… ☆19 Updated 3 years ago
- RATs library 2003 to present ☆14 Updated last year
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) ☆41 Updated last year
- Remote Code Execution via Use-After-Free in JScript.dll (CVE-2025-30397) ☆35 Updated last week
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable ☆57 Updated last year
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. ☆72 Updated last year
- A post-exploitation toolkit to simulate the weaponization and detection of native Windows binaries based on LOLBas framework. ☆28 Updated last year
- ☆27 Updated 6 months ago
- BYOVD Technique Example using viragt64 driver ☆40 Updated 10 months ago
- Get-PDInvokeImports is a tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u… ☆54 Updated 3 years ago
- quASAR: ASAR manipulation made easy ☆38 Updated 2 years ago
- Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C ☆39 Updated 5 years ago
- ☆28 Updated last year
- ☆30 Updated 6 months ago
- A shellcode runner / injector / hollower in Go, for Windows ☆26 Updated 3 years ago
- ☆12 Updated 4 years ago