diversenok / NtToolsLinks
Some random system tools for Windows
☆114Updated 3 years ago
Alternatives and similar repositories for NtTools
Users that are interested in NtTools are comparing it to the libraries listed below
Sorting:
- Run shellcode through InnoSetup code engine.☆69Updated 2 years ago
- ☆34Updated last year
- ☆35Updated 2 years ago
- x64 Registration-Free In-Process COM Automation Server.☆49Updated 2 years ago
- Persistence via Shell Extensions☆62Updated 2 years ago
- Injects shellcode into remote processes using direct syscalls☆79Updated 4 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆106Updated 4 years ago
- Runs programs as TrustedInstaller☆49Updated 6 years ago
- Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.☆76Updated 2 years ago
- Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)☆70Updated last year
- Small POC for process ghosting☆39Updated 3 years ago
- Pascal Offsec repo for malware dev and red teaming 🚩☆186Updated last year
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆62Updated 3 years ago
- Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets☆48Updated 4 years ago
- ☆70Updated 6 months ago
- This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…☆57Updated 3 years ago
- code for the Proxy DLL example blog post☆62Updated 3 years ago
- ☆56Updated 3 years ago
- ☆112Updated 2 years ago
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆56Updated 2 years ago
- Subtract one PE file from another!☆20Updated 3 years ago
- Execute .Net assemblies using Rundll32.exe☆113Updated 4 years ago
- conduct lateral movement attack by leveraging unfiltered services display name to smuggle binaries as chunks into the target machine☆54Updated 4 years ago
- RunAsAttached is a program to locally run a new terminal as another user without spawning a new console window.☆47Updated 3 years ago
- Windows (ShadowMove) Socket Duplication☆85Updated 5 years ago
- ☆82Updated 3 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆43Updated 3 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer☆54Updated 4 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆103Updated 2 years ago
- Windows user-land hooks manipulation tool.☆145Updated 4 years ago