kphongagsorn / windows-undocumented-apis
Projects on undocumented Windows APIs, a keylogger PoC, and a DLL injection PoC. Based on a Defcon workshop.
☆36 · Jan 13, 2018 · Updated 8 years ago
Alternatives and similar repositories for windows-undocumented-apis
Users that are interested in windows-undocumented-apis are comparing it to the libraries listed below
- Script and Metasploit module for CVE-2018-15982 ☆11 · Aug 12, 2020 · Updated 5 years ago
- interesting analysis ☆16 · May 14, 2018 · Updated 7 years ago
- Techniques that I have used to evade anti-virus during pen tests. ☆13 · May 29, 2018 · Updated 7 years ago
- ☆10 · Oct 9, 2024 · Updated last year
- ☆12 · Dec 14, 2016 · Updated 9 years ago
- Proof-of-Concept exploits for CVE-2017-11882 ☆41 · Jan 2, 2018 · Updated 8 years ago
- Simple x64dbg plugin to show registers on every step. ☆16 · Jul 27, 2019 · Updated 6 years ago
- The ORIGINAL decrypted copies of the Shadow Broker's Don't Forget Your Base release. Contains Equation group's collection of tools primar… ☆18 · Jan 29, 2018 · Updated 8 years ago
- This is the implementation of RC4, a software stream cipher. ☆10 · Oct 9, 2019 · Updated 6 years ago
- ☆12 · Jul 2, 2023 · Updated 2 years ago
- ☆11 · Mar 11, 2015 · Updated 10 years ago
- Self-modifying Code de-obfuscation ☆17 · May 17, 2017 · Updated 8 years ago
- A blanket execution/min hash semantic hash tool for binary function identification ☆18 · Apr 22, 2016 · Updated 9 years ago
- Analysis and Modification Tool for Executables ☆17 · Mar 28, 2019 · Updated 6 years ago
- Decoders for 7ev3n ransomware ☆17 · Oct 24, 2016 · Updated 9 years ago
- Introducing the Ransomware Builder – an educational tool with a sleek, modern GUI that makes it easy for anyone to create their own ranso… ☆18 · Aug 4, 2024 · Updated last year
- DLL and API hooking example to hide running in a Terminal Session ☆21 · Jun 5, 2020 · Updated 5 years ago
- C# code for starting processes. ☆14 · Jul 9, 2013 · Updated 12 years ago
- a sandbox project by sudami ☆17 · Jul 31, 2018 · Updated 7 years ago
- Injector with kernel power ☆18 · Jan 2, 2021 · Updated 5 years ago
- Dump mapped PE files from memory to the disk ☆20 · Jun 28, 2019 · Updated 6 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu ☆17 · Dec 6, 2015 · Updated 10 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial ☆16 · Jun 22, 2019 · Updated 6 years ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i… ☆46 · Jul 29, 2024 · Updated last year
- ☆23 · Jan 9, 2019 · Updated 7 years ago
- A tool implementing process hollowing making your PE polymorphic ☆16 · Aug 11, 2020 · Updated 5 years ago
- The project uses popular anti-virus protection bypass techniques ☆12 · Nov 26, 2018 · Updated 7 years ago
- User-mode part of Zerokit platform ☆22 · Mar 30, 2019 · Updated 6 years ago
- Convert Any Exe to Bin (Base64 Output or Binary) ☆21 · Jun 19, 2020 · Updated 5 years ago
- Script to parse first load time for Shell Extensions loaded by user. Also enumerates all loaded Shell Extensions that are only installed … ☆21 · Jun 8, 2015 · Updated 10 years ago
- Windows hard shutdown shellcode. Don't need administrator rights. ☆14 · Mar 31, 2016 · Updated 9 years ago
- ☆22 · Mar 5, 2018 · Updated 7 years ago
- Yet-Another-Spy ☆19 · Apr 21, 2017 · Updated 8 years ago
- An example of PE hollowing injection technique ☆25 · Jun 28, 2019 · Updated 6 years ago
- Contains some tricks to detect Sandboxes and gradually completed ☆44 · Aug 27, 2017 · Updated 8 years ago
- Windows Data Protection API (DPAPI) command line tool ☆21 · Feb 23, 2019 · Updated 6 years ago
- Manage Your Large Team of Consultants ☆11 · Sep 18, 2025 · Updated 4 months ago
- Utility functions for building Windows kernel drivers in Rust ☆20 · Nov 16, 2021 · Updated 4 years ago
- Event Tracing for Windows EDR bypass in Rust (usermode) ☆38 · Jun 9, 2024 · Updated last year