Alternatives and similar repositories for windows-api-function-cheatsheets

Users that are interested in windows-api-function-cheatsheets are comparing it to the libraries listed below

• Maldev-Academy / CodeSearchDemo
  ☆41Updated last year
• Maldev-Academy / RemoteTLSCallbackInjection
  Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
  ☆286Updated 2 years ago
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆172Updated 2 years ago
• decoder-it / TokenStealer
  ☆163Updated 2 years ago
• hackerhouse-opensource / Artillery
  CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…
  ☆182Updated this week
• 0xJs / EnumEDRs
  Enumerate active EDR's on the system
  ☆150Updated 4 months ago
• NVISOsecurity / codasm
  Payload encoding utility to effectively lower payload entropy.
  ☆123Updated 9 months ago
• DarkSpaceSecurity / SSH-Stealer
  Smart keylogging capability to steal SSH Credentials including password & Private Key
  ☆151Updated 10 months ago
• Azr43lKn1ght / Rusty-PE-Packer
  A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.
  ☆40Updated last year
• captain-woof / malware-study
  My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to any…
  ☆111Updated 7 months ago
• trickster0 / NamelessC2
  Nameless C2 - A C2 with all its components written in Rust
  ☆282Updated last year
• joaoviictorti / hypnus
  Sleep Obfuscation in Rust
  ☆275Updated 2 months ago
• 0xJs / BlockEDRTraffic
  Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …
  ☆257Updated 4 months ago
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆214Updated last year
• TwoSevenOneT / CreateProcessAsPPL
  This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.
  ☆294Updated 3 months ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆71Updated last year
• maliciousgroup / RDI-SRDI
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆85Updated 2 years ago
• Wh04m1001 / CVE-2025-48799
  ☆262Updated 7 months ago
• Dump-GUY / EXE-or-DLL-or-ShellCode
  Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...
  ☆169Updated last year
• Cobalt-Strike / sleepmask-vs
  A simple Sleepmask BOF example
  ☆167Updated 2 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆264Updated last year
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆253Updated last year
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆214Updated 2 years ago
• MzHmO / SymProcAddress
  Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)
  ☆144Updated last year
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆288Updated last year
• xaitax / NTSleuth
  Comprehensive Windows Syscall Extraction & Analysis Framework
  ☆161Updated 5 months ago
• BlackSnufkin / Rusty-Playground
  Some Rust program I wrote while learning Malware Development
  ☆160Updated last year
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆248Updated last year
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆123Updated 2 months ago
• SaadAhla / PE-Obfuscator
  PE obfuscator with Evasion in mind
  ☆213Updated 2 years ago