A lightweight Windows Prefetch file parser to extract programs' execution history
☆66 | Jan 12, 2026 | Updated last month
Alternatives and similar repositories for PrefetchFileParser
Users that are interested in PrefetchFileParser are comparing it to the libraries listed below
- ☆28 | Dec 2, 2021 | Updated 4 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials ☆61 | May 12, 2025 | Updated 9 months ago
- A Windows tool that converts LDIF files to BloodHound CE ☆26 | Dec 20, 2025 | Updated 2 months ago
- Calling the undocumented DPAPI RPC interface directly, no more calling public CryptUnprotectData! ☆75 | Feb 4, 2026 | Updated 3 weeks ago
- ☆71 | Feb 12, 2026 | Updated 2 weeks ago
- Red Team Assessment Platform - reporting, visualizations, and analytics for cybersecurity red teams ☆34 | Jan 27, 2026 | Updated last month
- Extension functionality for the NightHawk operator client ☆26 | Nov 3, 2023 | Updated 2 years ago
- A (quite) simple steganography algorithm to hide shellcodes within bitmap image. ☆25 | May 4, 2024 | Updated last year
- WinDbg Copilot - Agentic Debugging extension ☆66 | Updated this week
- Minimalistic HTTP(S) client for the NT kernel ☆62 | Dec 1, 2025 | Updated 2 months ago
- IDA scripts that facilitate reverse engineering ☆16 | Aug 10, 2016 | Updated 9 years ago
- PE Injection with ring3 hook bypass ☆10 | May 3, 2021 | Updated 4 years ago
- A simple PE loader. ☆27 | Dec 9, 2022 | Updated 3 years ago
- ☆36 | May 27, 2024 | Updated last year
- A Windows kernel-mode rootkit with remote control ☆12 | Sep 17, 2022 | Updated 3 years ago
- CVE-2025-59501 POC code ☆25 | Nov 20, 2025 | Updated 3 months ago
- A stager and implant that executes remote Web Assembly ☆37 | Feb 4, 2026 | Updated 3 weeks ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress ☆21 | Jul 9, 2022 | Updated 3 years ago
- exp for useful vuln ☆12 | Jul 9, 2021 | Updated 4 years ago
- sigreturn-oriented programming (SROP) based sleep obfuscation poc for Linux ☆66 | Dec 15, 2025 | Updated 2 months ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc… ☆15 | Mar 18, 2022 | Updated 3 years ago
- It's what all the kids are talking about ☆12 | Apr 25, 2023 | Updated 2 years ago
- Indirect-Shellcode-Executor exploits the misconfiguration/vulnerability present on the API Windows method ReadProcessMemory discovered b… ☆82 | Nov 15, 2025 | Updated 3 months ago
- Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm ☆16 | Jul 5, 2024 | Updated last year
- ☆60 | Jun 26, 2022 | Updated 3 years ago
- PIC shellcode (C/C++) development toolkit designed for malware developers. ☆121 | Dec 23, 2025 | Updated 2 months ago
- Full functional idascript with stdin/stdout handled ☆20 | Jan 25, 2017 | Updated 9 years ago
- ☆16 | May 20, 2022 | Updated 3 years ago
- Confluence Hardcoded Password POC ☆15 | Jul 30, 2022 | Updated 3 years ago
- C# API for Nidhogg rootkit ☆21 | Apr 25, 2024 | Updated last year
- ☆35 | Dec 4, 2025 | Updated 2 months ago
- A simple parser (library) which extracts shimcache data from Windows. ☆15 | May 20, 2019 | Updated 6 years ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe ☆185 | Jan 17, 2026 | Updated last month
- ☆50 | Jun 4, 2025 | Updated 8 months ago
- BOF for C2 framework ☆44 | Nov 9, 2024 | Updated last year
- Your NTDLL vaccine from modern direct syscall methods. ☆36 | Apr 5, 2022 | Updated 3 years ago
- Proof-of-Concept to evade auditd by tampering via ptrace ☆19 | Aug 3, 2023 | Updated 2 years ago
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e… ☆36 | Dec 17, 2025 | Updated 2 months ago
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to… ☆41 | Nov 4, 2025 | Updated 3 months ago