Teach2Breach/NtCreateUserProcess_rs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Teach2Breach/NtCreateUserProcess_rs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Teach2Breach/NtCreateUserProcess_rs)

Close

Teach2Breach / NtCreateUserProcess_rsView on GitHubMore

• External links
• Readme badge

example using NtCreateUserProcess in rust

☆19Jan 20, 2025Updated last year

Alternatives and similar repositories for NtCreateUserProcess_rs

Users that are interested in NtCreateUserProcess_rs are comparing it to the libraries listed below

• Teach2Breach / early_cascade_inj_rs

  View on GitHub
  early cascade injection PoC based on Outflanks blog post, in rust
  ☆62Nov 8, 2024Updated last year
• rbmm / DirectSysCall

  View on GitHub
  ☆12Jul 2, 2023Updated 2 years ago
• Teach2Breach / noldr

  View on GitHub
  Dynamically resolve API function addresses at runtime in a secure manner.
  ☆72Nov 11, 2025Updated 3 months ago
• susMdT / fictional-invention

  View on GitHub
  idk man this was the default github name
  ☆35Apr 23, 2023Updated 2 years ago
• CompassSecurity / TokenPhisher

  View on GitHub
  ☆26Feb 11, 2025Updated last year
• Whitecat18 / earlycascade-injection

  View on GitHub
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆68Dec 26, 2025Updated 2 months ago
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆232Feb 12, 2025Updated last year
• 0xTriboulet / T-70

  View on GitHub
  A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
  ☆40Oct 30, 2024Updated last year
• trickster0 / NamelessC2

  View on GitHub
  Nameless C2 - A C2 with all its components written in Rust
  ☆283Sep 26, 2024Updated last year
• BlackSnufkin / NovaLdr

  View on GitHub
  Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
  ☆258Jun 29, 2024Updated last year
• safedv / Rustic64

  View on GitHub
  64-bit, position-independent implant template for Windows in Rust.
  ☆173Nov 28, 2025Updated 2 months ago
• BlackOfWorld / Windows-Native

  View on GitHub
  A wrapper around Windows, calls explicitly the lowest possible calls
  ☆14Jan 19, 2023Updated 3 years ago
• OtterHacker / Hooker

  View on GitHub
  ☆109Oct 29, 2024Updated last year
• almounah / GoDroplets

  View on GitHub
  Go Shellcode Loader to be Integrated in Exploration C2
  ☆27Feb 7, 2025Updated last year
• mfdooom / threadless_loader_rs

  View on GitHub
  Threadless Injection Payload Toolkit
  ☆12Oct 12, 2023Updated 2 years ago
• EspressoCake / cIdentifyServiceDependencies_BOF

  View on GitHub
  Beacon Object File (BOF) for identifying dependent child services of a given parent.
  ☆18Jun 20, 2025Updated 8 months ago
• codyburkard / azol

  View on GitHub
  Azure Offensive Library
  ☆17Oct 18, 2025Updated 4 months ago
• improsec / 2Cloudz

  View on GitHub
  ☆26Apr 1, 2022Updated 3 years ago
• Allevon412 / SyscallTempering

  View on GitHub
  ☆31Jul 26, 2024Updated last year
• almounah / superdeye

  View on GitHub
  Indirect Syscall with TartarusGate Approach in Go
  ☆134Jul 8, 2025Updated 7 months ago
• V3ded / ToolDump-v1

  View on GitHub
  Some of my custom "tools".
  ☆28Feb 21, 2022Updated 4 years ago
• naksyn / ProcessStomping

  View on GitHub
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Dec 16, 2023Updated 2 years ago
• hakaioffsec / coffee

  View on GitHub
  A COFF loader made in Rust
  ☆328Aug 20, 2025Updated 6 months ago
• vysecurity / Nemesis-Download-Watcher

  View on GitHub
  Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.
  ☆15Feb 29, 2024Updated last year
• hotnops / SharpGetEntraToken

  View on GitHub
  A dotnet executable to get an Entra token in an authenticated runtime
  ☆16Oct 30, 2024Updated last year
• therealdreg / lldb_reversing

  View on GitHub
  Dreg's setup for lldb reversing. The simplest and easiest possible, without scripting. lldb debugging setup.
  ☆14May 2, 2024Updated last year
• paranoidninja / PI-Tracker

  View on GitHub
  A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …
  ☆14Oct 21, 2024Updated last year
• BishopFox / sliver-wasm-stager

  View on GitHub
  A stager and implant that executes remote Web Assembly
  ☆37Feb 4, 2026Updated 3 weeks ago
• yamakadi / clroxide

  View on GitHub
  A rust library that allows you to host the CLR and execute dotnet binaries.
  ☆236Mar 12, 2025Updated 11 months ago
• Cobalt-Strike / eden

  View on GitHub
  A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…
  ☆93Jan 21, 2026Updated last month
• mttaggart / quasar

  View on GitHub
  quASAR: ASAR manipulation made easy
  ☆38Sep 7, 2022Updated 3 years ago
• voidvxvi / EnableAllTokenPrivs

  View on GitHub
  Enable or Disable TokenPrivilege(s)
  ☆15May 17, 2024Updated last year
• NotoriousRebel / ConfigPersist

  View on GitHub
  Modifies machine.config for persistence after installing signed .net assembly onto GAC
  ☆13Mar 17, 2022Updated 3 years ago
• warpedatom / OffsetInspect

  View on GitHub
  PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.
  ☆31Dec 31, 2025Updated 2 months ago
• CR-DMcDonald / voipire

  View on GitHub
  ☆16May 29, 2024Updated last year
• tccontre / Reg-Restore-Persistence-Mole

  View on GitHub
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆65Aug 23, 2023Updated 2 years ago
• NoahKirchner / speedloader

  View on GitHub
  Rust template/library for implementing your own COFF loader
  ☆71Jan 27, 2025Updated last year
• EspressoCake / BOF_NativeAPI_Definitions-VSCode

  View on GitHub
  A VSCode plugin to assist with BOF development.
  ☆37Aug 14, 2024Updated last year
• Teach2Breach / hollow_rs

  View on GitHub
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆31Feb 7, 2025Updated last year