kphongagsorn / windows-undocumented-apis
Projects on undocumented windows APIs, a keylogger PoC, and dll injection PoC. Based off of a Defcon workshop
☆34Updated 7 years ago
Alternatives and similar repositories for windows-undocumented-apis:
Users that are interested in windows-undocumented-apis are comparing it to the libraries listed below
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- A simple API monitor for Windbg☆63Updated 8 years ago
- A ready-made template for a project based on libpeconv.☆47Updated 2 months ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago
- ☆45Updated 6 years ago
- Windows 10 PE image loader (LDR) NTDLL component toolbox☆49Updated 5 years ago
- A small library helping to parse commandline parameters (for C/C++)☆57Updated last year
- Crash Windows 10 up to RS2 from an unprivileged process☆41Updated 7 years ago
- A simple password-based PE encryptor for Windows 32-bit executables.☆51Updated 3 months ago
- A console debugger using DbgX and Terminal.Gui☆29Updated 2 years ago
- Yet another Windows DLL injector.☆39Updated 3 years ago
- Runs programs as TrustedInstaller☆49Updated 5 years ago
- An example pattern in C# for using WMI to monitor process creation and termination events.☆52Updated 6 years ago
- UIAccess UAC Bypass using token duplication and keyboard events☆27Updated 5 years ago
- Example/starter code for custom Windows application compatibility shims☆32Updated 4 years ago
- APIInfo Plugin (x86) - A Plugin For x64dbg☆50Updated 6 years ago
- ☆65Updated 3 years ago
- A template for projects using both libPeConv and MS Detours☆15Updated last year
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆60Updated 8 months ago
- DLL Injection Library & Tools☆72Updated 8 years ago
- Clone running process with ZwCreateProcess☆57Updated 4 years ago
- View handles and object for each object type☆63Updated 5 years ago
- Bare template for a Kernel Mode Driver☆51Updated 5 years ago
- .NET instrumentation framework☆72Updated 7 years ago
- IDA script for vmprotect Windows Api address decoder☆51Updated 3 years ago
- Control flow deobfuscation using Z3 and ILAst☆43Updated 8 years ago
- This repository contains some tools that I have written in the past☆28Updated last year
- A set of small utilities, helpers for PIN tracers☆33Updated last year
- x64dbg Dark Theme - Own use☆31Updated 6 years ago
- Simple tool that allows you to have multiple Just-In-Time debuggers at once.☆93Updated 4 months ago