diversenok / NtTools
Some random system tools for Windows
☆111Updated 2 years ago
Alternatives and similar repositories for NtTools:
Users that are interested in NtTools are comparing it to the libraries listed below
- Run shellcode through InnoSetup code engine.☆67Updated last year
- ☆33Updated last year
- Exploring in-memory execution of .NET☆137Updated 2 years ago
- x64 Registration-Free In-Process COM Automation Server.☆48Updated 2 years ago
- C++ WinRM API via Reflective DLL☆142Updated 3 years ago
- Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.☆125Updated 2 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆100Updated 2 years ago
- ☆33Updated last year
- ☆110Updated 2 years ago
- Simple windows rpc server for research purposes only☆82Updated 2 years ago
- Persistence via Shell Extensions☆64Updated last year
- Injects shellcode into remote processes using direct syscalls☆77Updated 4 years ago
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆46Updated 3 years ago
- Overwrite a process's recovery callback and execute with WER☆103Updated 2 years ago
- Pascal Offsec repo for malware dev and red teaming 🚩☆178Updated last year
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆105Updated 4 years ago
- ☆136Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆99Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆77Updated 2 years ago
- ☆50Updated 4 years ago
- ☆142Updated 2 years ago
- Windows user-land hooks manipulation tool.☆142Updated 3 years ago
- ☆112Updated 2 years ago
- Building and Executing Position Independent Shellcode from Object Files in Memory☆157Updated 4 years ago
- Cobalt Strike BOF Files with Nim!☆84Updated 2 years ago
- DInvisibleRegistry☆82Updated 4 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆92Updated 3 years ago
- Standalone Metasploit-like XOR encoder for shellcode☆47Updated 10 months ago
- a library that automates some clean syscalls to make it easier to implement☆84Updated 2 years ago
- adding a backdooruser using win32api☆80Updated 4 years ago