Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.
☆85May 3, 2023Updated 3 years ago
Alternatives and similar repositories for IAT_API
Users that are interested in IAT_API are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Assembly block for hooking windows API functions.☆97Jul 16, 2019Updated 6 years ago
- Assembly API block that uses CRC32 for resolving Windows API function addresses☆19May 19, 2023Updated 3 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- A Proof-of-Concept win32 DLL that makes use of netbios session token replay to propagate through a Windows Domain☆25Apr 14, 2018Updated 8 years ago
- 新的注入方式☆11Sep 30, 2018Updated 7 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Aug 17, 2019Updated 6 years ago
- Headers for linking your software with ntdll.dll☆16Nov 4, 2020Updated 5 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆103May 14, 2020Updated 6 years ago
- A python metamorphic engine for PE/PE+ files.☆15Jan 1, 2023Updated 3 years ago
- Reflective PE packer.☆1,419Feb 22, 2024Updated 2 years ago
- PE file mapping and manipulation package.☆36May 6, 2022Updated 4 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆35Aug 3, 2018Updated 7 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆63Aug 21, 2024Updated last year
- HadesMem is a C++-based memory hacking library for Windows based applications, with the goal of providing a safe, generic, powerful, and …☆28Jan 7, 2015Updated 11 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Two C# RunPE's capable of x86 and x64 injections☆11Dec 2, 2018Updated 7 years ago
- Map memory to user space and manipulate user memory, using capmon☆24Nov 3, 2018Updated 7 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- A reflexive driver loader to bypass Windows DSE (featuring a custom PE loader)☆42Sep 1, 2018Updated 7 years ago
- Specialized tool to dump Position Independent Code.☆22Aug 4, 2020Updated 5 years ago
- Automatic DLL comment link generation and explaination of the DLL Proxying techniques☆10Aug 19, 2021Updated 4 years ago
- An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.☆532Jul 2, 2025Updated 11 months ago
- PoC of BOOST-ed _EPROCESS.VadRoot iterating☆27May 21, 2014Updated 12 years ago
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Adaptive DLL hijacking / dynamic export forwarding☆819Jul 6, 2020Updated 5 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆218Feb 20, 2023Updated 3 years ago
- NASM listing to shellcode converter☆14May 6, 2018Updated 8 years ago
- Evasive Process Hollowing Techniques☆142Aug 16, 2020Updated 5 years ago
- Translates WinDbg "dt" structure dump to a C structure☆13Jul 20, 2020Updated 5 years ago
- Add More Features for x64dbg Script System,with some Functions which will help Plugin Coder☆129Dec 26, 2021Updated 4 years ago
- Example of async client/server sockets in .NET 5☆17Jun 9, 2021Updated 5 years ago
- MircoSoft Detours 4.0.1,MIT License,Support X86,X64,ARM,IA64☆12Apr 23, 2018Updated 8 years ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess☆89Nov 9, 2015Updated 10 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆99Jul 7, 2020Updated 5 years ago
- ☆15Dec 26, 2017Updated 8 years ago
- An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.☆315Oct 18, 2018Updated 7 years ago
- An obfuscation engine which obfuscates Intel x86 32-bit binary code.☆55Feb 19, 2018Updated 8 years ago
- ☆151Updated this week
- ☆11Apr 23, 2019Updated 7 years ago
- DLL Generator for side loading attack☆174Feb 5, 2019Updated 7 years ago