Maldev-Academy/HookingLsassForCredentials external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Maldev-Academy/HookingLsassForCredentials

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Maldev-Academy/HookingLsassForCredentials)

Close

Maldev-Academy / HookingLsassForCredentialsView on GitHubMore

• External links
• Readme badge

Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials

☆54May 12, 2025Updated 10 months ago

Alternatives and similar repositories for HookingLsassForCredentials

Users that are interested in HookingLsassForCredentials are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• silentwarble / hbin_template

  View on GitHub
  Post-Ex BOF tooling for Hannibal
  ☆24Nov 20, 2024Updated last year
• NUL0x4C / HookingLsassForCredentials

  View on GitHub
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆61May 12, 2025Updated 10 months ago
• Maldev-Academy / TrapFlagForSyscalling

  View on GitHub
  Bypass user-land hooks by syscall tampering via the Trap Flag
  ☆139Aug 25, 2025Updated 7 months ago
• rasta-mouse / Crystal-Loaders

  View on GitHub
  A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike
  ☆193Oct 29, 2025Updated 4 months ago
• zero2504 / Detoured-DLL-Injection

  View on GitHub
  DLL injection with Microsoft detours
  ☆22Dec 9, 2025Updated 3 months ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• Teach2Breach / early_cascade_inj_rs

  View on GitHub
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆62Nov 8, 2024Updated last year
• Teach2Breach / dll2shell

  View on GitHub
  converts sRDI compatible dlls to shellcode
  ☆35Jan 20, 2025Updated last year
• safedv / RustSoliloquy

  View on GitHub
  A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …
  ☆191Apr 26, 2025Updated 10 months ago
• silentwarble / Hannibal

  View on GitHub
  Mythic C2 Agent written in x64 PIC C
  ☆84Jan 29, 2025Updated last year
• eladshamir / BadWindowsService

  View on GitHub
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆63Aug 25, 2022Updated 3 years ago
• iilegacyyii / DataInject-BOF

  View on GitHub
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆151Apr 18, 2025Updated 11 months ago
• EricEsquivel / Inline-EA

  View on GitHub
  Cobalt Strike BOF for evasive .NET assembly execution
  ☆310Mar 31, 2025Updated 11 months ago
• JayGLXR / Rusty-Stardust

  View on GitHub
  A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…
  ☆59Mar 17, 2025Updated last year
• Cracked5pider / earlycascade-injection

  View on GitHub
  early cascade injection PoC based on Outflanks blog post
  ☆240Nov 7, 2024Updated last year
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• mochabyte0x / TrampoLatte

  View on GitHub
  A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow
  ☆18Jun 26, 2025Updated 8 months ago
• Maldev-Academy / MaldevAcademyLdr.2

  View on GitHub
  RunPE implementation with multiple evasive techniques (2)
  ☆278Sep 25, 2025Updated 6 months ago
• Teach2Breach / phantom_persist_rs

  View on GitHub
  Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence
  ☆63Jun 23, 2025Updated 9 months ago
• Sh3lldon / HellsVectoredGate

  View on GitHub
  ☆54Oct 13, 2025Updated 5 months ago
• joaoviictorti / runas

  View on GitHub
  Rust crate to run commands as another user
  ☆54Feb 12, 2026Updated last month
• klezVirus / ThreadPoolExecChain

  View on GitHub
  A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack
  ☆99Dec 22, 2025Updated 3 months ago
• joaoviictorti / coffeeldr

  View on GitHub
  A COFF Loader written in Rust
  ☆140Dec 1, 2025Updated 3 months ago
• safedv / RustVEHSyscalls

  View on GitHub
  A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.
  ☆164Oct 31, 2024Updated last year
• NtDallas / KrakenMask

  View on GitHub
  Sleep obfuscation
  ☆271Dec 13, 2024Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• NetSPI / BOF-PE

  View on GitHub
  An example reference design for a proposed BOF PE
  ☆204Jan 23, 2026Updated 2 months ago
• xforcered / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆274Jul 1, 2025Updated 8 months ago
• Shrfnt77 / AmsiBypass

  View on GitHub
  Bypassing Amsi using LdrLoadDll
  ☆47Jan 8, 2025Updated last year
• nickzer0 / PersisTask-BOF

  View on GitHub
  A BOF to create a scheduled task using a COM object.
  ☆16Dec 3, 2024Updated last year
• breakfix / SharpSCOM

  View on GitHub
  A C# utility for interacting with SCOM
  ☆97Dec 2, 2025Updated 3 months ago
• vmsplit / nebula

  View on GitHub
  arm64 linux position-independent shellcode framework
  ☆30Dec 12, 2025Updated 3 months ago
• entropy-z / PostEx-Arsenal

  View on GitHub
  Arsenal of modules to beacon postex
  ☆97Mar 13, 2026Updated last week
• pard0p / Remote-BOF-Runner

  View on GitHub
  Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …
  ☆93Jan 2, 2026Updated 2 months ago
• M1ndo / WerDump

  View on GitHub
  A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass
  ☆169Sep 22, 2025Updated 6 months ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• decoder-it / ChgPass

  View on GitHub
  ☆136Feb 11, 2025Updated last year
• sliverarmory / CS-Remote-OPs-BOF

  View on GitHub
  ☆13Mar 3, 2025Updated last year
• ColeHouston / theHandler-BOF

  View on GitHub
  Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.
  ☆38Aug 5, 2025Updated 7 months ago
• zero2504 / Early-Cryo-Bird-Injections

  View on GitHub
  Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
  ☆139Apr 6, 2025Updated 11 months ago
• BambiZombie / ThreadlessSpawn

  View on GitHub
  A Simple PoC
  ☆22May 24, 2024Updated last year
• Cobalt-Strike / bof-vs

  View on GitHub
  A Beacon Object File (BOF) template for Visual Studio
  ☆272Nov 24, 2025Updated 4 months ago
• kyxiaxiang / Safetasklist

  View on GitHub
  Help red teams find opsec processes during engagements
  ☆42Dec 7, 2024Updated last year