Code samples that serve as references for Windows API functions
☆77May 28, 2024Updated last year
Alternatives and similar repositories for WindowsAP1
Users that are interested in WindowsAP1 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A practical resource on using open-source tools for Incident Response. This repo shares workflows, tool setups, and steps for responding …☆38Nov 4, 2024Updated last year
- Hardcore Debugging☆937Apr 9, 2026Updated 3 weeks ago
- Various shellcodes☆12Sep 1, 2020Updated 5 years ago
- ☆253Jun 7, 2025Updated 10 months ago
- ☆17Feb 15, 2022Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Comprehensive Windows Syscall Extraction & Analysis Framework☆167Aug 30, 2025Updated 7 months ago
- Repository contains shellcodes made from scratch for intel x86-64 bit Architecture☆12May 6, 2023Updated 2 years ago
- ☆72Mar 8, 2026Updated last month
- Vectored Exception Handling Squared☆30Dec 27, 2025Updated 4 months ago
- RE for champions☆15Updated this week
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries.☆103Apr 9, 2026Updated 2 weeks ago
- Lists all visible objects in the Windows kernel object namespace, a command-line WinObj☆15May 27, 2018Updated 7 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Oct 7, 2020Updated 5 years ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆55Dec 30, 2025Updated 3 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…☆39Sep 23, 2023Updated 2 years ago
- Standalone tool to explore the security model of Windows and its NT kernel. Use it to introspect privilege assignments and access right a…☆33May 21, 2019Updated 6 years ago
- Windows AppLocker Driver (appid.sys) LPE☆76Jul 29, 2024Updated last year
- A C++/Asm template for PIC/EXE/DLL malware☆24Aug 12, 2025Updated 8 months ago
- Anti-Rootkit Tool for Windows☆12Mar 24, 2025Updated last year
- Convert IDA Type Library `*.til` to Compilable C Header!☆20Mar 9, 2023Updated 3 years ago
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- A collection of PoCs to do common things in unconventional ways☆121Aug 31, 2025Updated 7 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A bootkit to bypass Windows login (WIP)☆10Oct 25, 2023Updated 2 years ago
- Demo from the Malware Analysis and Development Webinar☆25Apr 17, 2024Updated 2 years ago
- Integer overflow in FreeType software, which also affects Chrome☆30Aug 27, 2025Updated 8 months ago
- Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption☆19Aug 5, 2022Updated 3 years ago
- ☆24Jul 15, 2023Updated 2 years ago
- ☆16Sep 23, 2021Updated 4 years ago
- ��☆50Dec 15, 2025Updated 4 months ago
- AppLocker Policy Generator☆26Aug 25, 2025Updated 8 months ago
- Offensive toolkit and BloodHound graph creator for DPAPI blobs and master key files☆15Jan 10, 2026Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- modern c++ wrapper around the microsoft portable executable file format☆34Nov 22, 2025Updated 5 months ago
- Administrative Template (ADMX) for Microsoft Defender Attack Surface Reduction (ASR)☆15Jul 7, 2025Updated 9 months ago
- C++ Assembler with Built-in Mutation Engine☆30Sep 6, 2025Updated 7 months ago
- Using Windows' own bootloader as a shim to bypass Secure Boot☆235Jul 17, 2024Updated last year
- NDISPktScan is a plugin for the Volatility Framework. It parses the Ethernet packets stored by ndis.sys in Windows kernel space memory.☆12Oct 23, 2015Updated 10 years ago
- Local SYSTEM auth trigger for relaying☆171Jul 22, 2025Updated 9 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆240Jan 24, 2025Updated last year