Alternatives and similar repositories for windows-api-function-cheatsheets

Users that are interested in windows-api-function-cheatsheets are comparing it to the libraries listed below

• Maldev-Academy / CodeSearchDemo
  ☆40Updated last year
• Maldev-Academy / RemoteTLSCallbackInjection
  Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
  ☆265Updated last year
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆172Updated last year
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆103Updated 5 months ago
• NVISOsecurity / codasm
  Payload encoding utility to effectively lower payload entropy.
  ☆119Updated 4 months ago
• Dump-GUY / EXE-or-DLL-or-ShellCode
  Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...
  ☆158Updated 11 months ago
• 0xJs / BlockEDRTraffic
  Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …
  ☆165Updated last week
• decoder-it / TokenStealer
  ☆164Updated last year
• DarkSpaceSecurity / SSH-Stealer
  Smart keylogging capability to steal SSH Credentials including password & Private Key
  ☆138Updated 5 months ago
• trickster0 / NamelessC2
  Nameless C2 - A C2 with all its components written in Rust
  ☆273Updated 11 months ago
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆236Updated 7 months ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆63Updated last year
• maliciousgroup / RDI-SRDI
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆86Updated 2 years ago
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆208Updated last year
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆231Updated 8 months ago
• Azr43lKn1ght / Rusty-PE-Packer
  ☆17Updated 7 months ago
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆228Updated last year
• fortra / CVE-2024-6769
  Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)
  ☆73Updated 11 months ago
• kleiton0x00 / Proxy-DLL-Loads
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆354Updated 6 months ago
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆121Updated 9 months ago
• 0xJs / EnumEDRs
  Enumerate active EDR's on the system
  ☆97Updated 2 weeks ago
• Wh04m1001 / CVE-2025-48799
  ☆236Updated last month
• 7h3w4lk3r / RexLdr
  Rex Shellcode Loader for AV/EDR evasion
  ☆34Updated last year
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆192Updated last year
• 2x7EQ13 / CreateProcessAsPPL
  This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.
  ☆117Updated this week
• BlackSnufkin / Rusty-Playground
  Some Rust program I wrote while learning Malware Development
  ☆142Updated 6 months ago
• joaoviictorti / hypnus
  Memory Obfuscation in Rust
  ☆253Updated last week
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆91Updated last year
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆288Updated last year
• Cobalt-Strike / sleepmask-vs
  A simple Sleepmask BOF example
  ☆133Updated 2 months ago