Offensive tools written for practice purposes
☆162Sep 23, 2022Updated 3 years ago
Alternatives and similar repositories for win32api-practice
Users that are interested in win32api-practice are comparing it to the libraries listed below
Sorting:
- Use current thread token to execute command☆15Jan 27, 2021Updated 5 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- Beacon.dll reverse☆141Sep 5, 2021Updated 4 years ago
- C++ WinRM API via Reflective DLL☆145Sep 11, 2021Updated 4 years ago
- bypass BeaconEye☆89Sep 9, 2021Updated 4 years ago
- Defense Evasion & Bypass AntiVirus reference☆74Mar 28, 2021Updated 4 years ago
- A shellcode function to encrypt a running process image when sleeping.☆340Sep 11, 2021Updated 4 years ago
- In-memory token vault BOF for Cobalt Strike☆149Aug 18, 2022Updated 3 years ago
- Windows对抗沙箱和虚拟机的方法总结☆401Apr 22, 2020Updated 5 years ago
- ☆615Jul 21, 2025Updated 7 months ago
- NTLM relay test.☆195Jun 26, 2025Updated 8 months ago
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- EDR Evasion - Combination of SwampThing - TikiTorch☆29May 28, 2020Updated 5 years ago
- HVNC based on RustDesk☆109May 1, 2024Updated last year
- POCs for Shellcode Injection via Callbacks☆411Feb 23, 2021Updated 5 years ago
- Misc TaskScheduler Plays☆238Sep 27, 2022Updated 3 years ago
- decrypt rdp credentials to password using mimikatz.☆28Dec 18, 2020Updated 5 years ago
- POC tool to convert CobaltStrike BOF files to raw shellcode☆220Nov 5, 2021Updated 4 years ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- A way to delete a locked file, or current running executable, on disk.☆616Nov 5, 2025Updated 3 months ago
- NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)☆118Jun 7, 2023Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- Collection of Beacon Object Files☆633Nov 1, 2022Updated 3 years ago
- Hides processes from the windows task manager using IAT hooking.☆22Mar 30, 2021Updated 4 years ago
- 记录一下我学习的Win32CPP☆56Aug 5, 2025Updated 6 months ago
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆684Mar 11, 2024Updated last year
- 提取DC日志,快速获取域用户对应IP地址☆308Mar 21, 2022Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆32Aug 12, 2022Updated 3 years ago
- ☆36Mar 4, 2025Updated 11 months ago
- A little tool to play with the Seclogon service☆327Jul 10, 2022Updated 3 years ago
- OXID_Find by C++(多线程) 通过OXID解析器获取Windows远程主机上网卡地址☆89Jul 19, 2020Updated 5 years ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆731Sep 1, 2021Updated 4 years ago
- Hijack Printconfig.dll to execute shellcode☆100Jan 15, 2021Updated 5 years ago
- Dump the memory of a PPL with a userland exploit☆889Jul 24, 2022Updated 3 years ago
- Memshell☆292Dec 7, 2021Updated 4 years ago
- POC of a better implementation of GetProcAddress for ntdll using binary search☆111Apr 8, 2024Updated last year
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…☆1,255Aug 27, 2023Updated 2 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- 使用windows api添加用户,可用于net无法使用时.分为nim版,c++版本,RDI版,BOF版。☆421Sep 29, 2021Updated 4 years ago