Offensive tools written for practice purposes
☆162Sep 23, 2022Updated 3 years ago
Alternatives and similar repositories for win32api-practice
Users that are interested in win32api-practice are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Use current thread token to execute command☆15Jan 27, 2021Updated 5 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- Beacon.dll reverse☆141Sep 5, 2021Updated 4 years ago
- bypass BeaconEye☆89Sep 9, 2021Updated 4 years ago
- C++ WinRM API via Reflective DLL☆145Sep 11, 2021Updated 4 years ago
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- Defense Evasion & Bypass AntiVirus reference☆74Mar 28, 2021Updated 4 years ago
- ☆36Mar 4, 2025Updated last year
- HVNC based on RustDesk☆110May 1, 2024Updated last year
- In-memory token vault BOF for Cobalt Strike☆149Aug 18, 2022Updated 3 years ago
- Windows对抗沙箱和虚拟机的方法总结☆401Apr 22, 2020Updated 5 years ago
- decrypt rdp credentials to password using mimikatz.☆28Dec 18, 2020Updated 5 years ago
- A shellcode function to encrypt a running process image when sleeping.☆339Sep 11, 2021Updated 4 years ago
- 记录一下我学习的Win32CPP☆56Aug 5, 2025Updated 7 months ago
- A little tool to play with the Seclogon service☆326Jul 10, 2022Updated 3 years ago
- Misc TaskScheduler Plays☆238Sep 27, 2022Updated 3 years ago
- POCs for Shellcode Injection via Callbacks☆411Feb 23, 2021Updated 5 years ago
- NTLM relay test.☆195Jun 26, 2025Updated 8 months ago
- A way to delete a locked file, or current running executable, on disk.☆618Nov 5, 2025Updated 4 months ago
- ☆620Jul 21, 2025Updated 8 months ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- A library for loading and executing PE (Portable Executable) from memory without ever touching the disk☆167Nov 26, 2020Updated 5 years ago
- EDR Evasion - Combination of SwampThing - TikiTorch☆29May 28, 2020Updated 5 years ago
- 提取DC日志,快速获取域用户对应IP地址☆309Mar 21, 2022Updated 4 years ago
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆686Mar 11, 2024Updated 2 years ago
- Memshell☆294Dec 7, 2021Updated 4 years ago
- WINDOWS TELEMETRY权限维持☆258Jul 2, 2020Updated 5 years ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆729Sep 1, 2021Updated 4 years ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- POC tool to convert CobaltStrike BOF files to raw shellcode☆220Nov 5, 2021Updated 4 years ago
- Modify version of impacket wmiexec.py, get output(data,response) from registry, don't need SMB connection, also bypassing antivirus-softw…☆277Apr 4, 2023Updated 2 years ago
- C# Lsass parser☆296Oct 13, 2021Updated 4 years ago
- NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)☆118Jun 7, 2023Updated 2 years ago
- 影子用户 克隆☆233Dec 30, 2021Updated 4 years ago
- UAC bypass for x64 Windows 7 - 11(无弹窗版)☆281Sep 5, 2022Updated 3 years ago
- Search msDS-AllowedToActOnBehalfOfOtherIdentity☆35Jan 17, 2022Updated 4 years ago
- Hides processes from the windows task manager using IAT hooking.☆22Mar 30, 2021Updated 4 years ago
- ☆245Sep 19, 2023Updated 2 years ago
- OXID_Find by C++(多线程) 通过OXID解析器获取Windows远程主机上网卡地址☆90Jul 19, 2020Updated 5 years ago