Alternatives and similar repositories for WindowsInternals:

Users that are interested in WindowsInternals are comparing it to the libraries listed below

• ThunderGunExpress / Reflective_Schtasks
  ☆54Updated 6 years ago
• rmdavy / AmsiPEBWalkVBAx64
  ☆14Updated 4 years ago
• ThunderGunExpress / Reflective_PSExec
  ☆45Updated 6 years ago
• vysecurity / WindfarmDynamite-CNA
  CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe
  ☆16Updated 5 years ago
• leonjza / tc2
  treafik fronted c2 examples
  ☆26Updated 4 years ago
• cys3c / Siofra
  DLL hijacking vulnerability scanner and PE infector tool
  ☆17Updated 7 years ago
• fashionproof / RunHijackHunter
  ☆16Updated 3 years ago
• ThunderGunExpress / ThunderMSI
  ☆28Updated 7 years ago
• neofito / CVE-2020-1337
  CVE-2020-1048 bypass: binary planting PoC
  ☆32Updated 4 years ago
• checkymander / CoreSploit
  Initial Commit of Coresploit
  ☆56Updated 3 years ago
• decoder-it / BadBackupOperator
  ☆36Updated 7 years ago
• ChaitanyaHaritash / NIM-Scripts
  ☆18Updated 3 years ago
• waleedassar / SyscallNumberExtractor
  ☆24Updated 3 years ago
• limbenjamin / LogServiceCrash
  POC code to crash Windows Event Logger Service
  ☆26Updated 4 years ago
• TarlogicSecurity / sepriv
  Tool to manage user privileges
  ☆28Updated 5 years ago
• rvrsh3ll / Sharp-Suite
  My musings with C#
  ☆28Updated 2 years ago
• WithSecureLabs / AMSIDetection
  AMSI detection PoC
  ☆31Updated 4 years ago
• rvrsh3ll / FlaskRedirectorProtector
  Protect your servers with a secret header
  ☆29Updated 4 years ago
• 0xeb-bp / cve-2020-1015
  PoC for CVE-2020-1015
  ☆40Updated 4 years ago
• 3gstudent / SCTPersistence
  Create COM Objects backed by Scripts, not DLLs
  ☆9Updated 7 years ago
• fashionproof / CheckSafeBoot
  I used this to see if an EDR is running in Safe Mode
  ☆36Updated 4 years ago
• bufferbandit / leak.docx
  Leak windows system info through a docx file
  ☆12Updated 5 years ago
• guardicore / vmware_guest_auth_bypass
  Proof of concept of VMSA-2017-0012
  ☆41Updated 7 years ago
• panagioto / SyscallHide
  Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
  ☆74Updated 5 years ago
• mobdk / Core
  Core bypass Windows Defender and execute any binary converted to shellcode
  ☆43Updated 3 years ago
• NotMedic / SocksLauncher
  ☆14Updated 5 years ago
• invictus-0x90 / Docker-C3
  Example of running C3 (https://github.com/FSecureLABS/C3) in a Docker container
  ☆26Updated 3 years ago
• 0r13lc0ch4v1 / HideFromAMSI
  Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI
  ☆30Updated 5 years ago
• tyranid / setsidmapping
  Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.
  ☆23Updated 4 years ago
• xpn / jupyter
  Collection of Jupyter notebooks
  ☆13Updated 4 years ago