h4xu3lyn / NTLibView external linksLinks
Headers for linking your software with ntdll.dll
☆15Nov 4, 2020Updated 5 years ago
Alternatives and similar repositories for NTLib
Users that are interested in NTLib are comparing it to the libraries listed below
Sorting:
- ☆15Dec 16, 2020Updated 5 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆63Aug 21, 2024Updated last year
- 新的注入方式☆11Sep 30, 2018Updated 7 years ago
- Library for using direct system calls☆36Jan 30, 2025Updated last year
- A Windows native DLL injection library written in C# that supports several methods of injection.☆13Dec 17, 2018Updated 7 years ago
- Shellcode injection using debugging APIs☆19Jan 13, 2014Updated 12 years ago
- Simple DLL and client app that work together to hook all the functions in WinHvPlatform.dll in order to provide logging and introspection…☆21Dec 1, 2021Updated 4 years ago
- ☆13May 31, 2023Updated 2 years ago
- Windows System Programming Experiments☆223Jun 13, 2022Updated 3 years ago
- Phantom DLL Hollowing method implemented in modmap☆18Jun 9, 2021Updated 4 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- ☆17Feb 29, 2020Updated 5 years ago
- Library for linking multiple PE\PE + files to one☆52Mar 16, 2024Updated last year
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆30Jul 12, 2021Updated 4 years ago
- Demos and presentation from SECArmy Village Grayhat 2020☆37Mar 15, 2023Updated 2 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆109May 27, 2021Updated 4 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆107Jan 3, 2021Updated 5 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆62Nov 18, 2020Updated 5 years ago
- BlowBeef is a tool for analyzing WMI data.☆18Jul 26, 2021Updated 4 years ago
- Append a custom data payload to a digitally signed NSIS .exe installer☆24Jan 11, 2023Updated 3 years ago
- WORK IN PROGRESS. RAT written in C++ using Win32 API☆19Sep 12, 2019Updated 6 years ago
- ☆19Nov 26, 2020Updated 5 years ago
- Simple remote administration tool. Written in c++ and MASM.☆18May 16, 2018Updated 7 years ago
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆10Apr 16, 2022Updated 3 years ago
- Hijack Printconfig.dll to execute shellcode☆100Jan 15, 2021Updated 5 years ago
- APC注入DLL内核层☆23Dec 8, 2018Updated 7 years ago
- Several self-defense shellcodes☆23Jul 16, 2019Updated 6 years ago
- ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h☆149Jun 16, 2019Updated 6 years ago
- Resolve DOS MZ executable symbols at runtime☆96Nov 12, 2021Updated 4 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection☆44Aug 15, 2021Updated 4 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104May 14, 2020Updated 5 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Windows CIFS/SMB packet generation and SMB networking library☆12Aug 25, 2020Updated 5 years ago
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago
- A Rust malware controlled by a Go web interface, API and socket server.☆10Aug 22, 2022Updated 3 years ago
- NativePayload_TiACBT (Remote Thread Injection + C# Async Method + CallBack Functions Technique)☆13Jun 6, 2023Updated 2 years ago
- Malware development: persistence - part 1: startup folder registry keys. C++ implementation☆12Apr 21, 2022Updated 3 years ago