m417z / winapiexec

Related projects ⓘ

Alternatives and complementary repositories for winapiexec

• zodiacon / TotalPE2
  PE Viewer
  ☆152Updated 3 weeks ago
• m417z / global-inject-demo
  A global injection and hooking example
  ☆125Updated last year
• hackerhouse-opensource / SignToolEx
  Patching "signtool.exe" to accept expired certificates for code-signing.
  ☆271Updated 4 months ago
• daem0nc0re / SharpWnfSuite
  C# Utilities for Windows Notification Facility
  ☆125Updated 6 months ago
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆237Updated 2 years ago
• m417z / ntdoc
  Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
  ☆163Updated last week
• hfiref0x / AuthHashCalc
  Authenticode Hash Calculator for PE32/PE32+ files
  ☆107Updated 8 months ago
• diversenok / Suspending-Techniques
  Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows.
  ☆114Updated 3 years ago
• zodiacon / ObjectExplorer
  Explore Kernel Objects on Windows
  ☆200Updated 10 months ago
• thesecretclub / SandboxBootkit
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆261Updated last month
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆201Updated 2 years ago
• DamonMohammadbagher / ETWProcessMon2
  ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detecti…
  ☆292Updated 8 months ago
• 0xf005ba11 / vmplex-ws
  A tabbed UI for Microsoft's Hyper-V
  ☆202Updated 3 months ago
• namazso / MagicSigner
  Signtool for expired certificates
  ☆455Updated last year
• itm4n / PPLcontrol
  Controlling Windows PP(L)s
  ☆263Updated last year
• ElliotKillick / LdrLockLiberator
  For when DLLMain is the only way
  ☆353Updated 3 weeks ago
• cyberark / RPCMon
  RPC Monitor tool based on Event Tracing for Windows
  ☆330Updated 3 months ago
• zodiacon / WFPExplorer
  Windows Filtering Platform Explorer
  ☆211Updated last month
• LloydLabs / ntqueueapcthreadex-ntdll-gadget-injection
  This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …
  ☆231Updated last year
• fossabot / myAut2Exe
  myAut2Exe - The Open Source AutoIT Script Decompiler
  ☆70Updated 6 years ago
• tastypepperoni / RunAsWinTcb
  ☆134Updated 2 years ago
• mrexodia / phnt-single-header
  Single header version of System Informer's phnt library.
  ☆186Updated this week
• zodiacon / TotalPE
  Yet another PE Viewer
  ☆138Updated last year
• huntandhackett / concealed_code_execution
  Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows
  ☆199Updated 2 years ago
• ergrelet / windiff
  Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the …
  ☆329Updated this week
• namazso / dll-proxy-generator
  Generate a proxy dll for arbitrary dll
  ☆145Updated last month
• EvanMcBroom / perfect-loader
  Load a dynamic library from memory by modifying the native Windows loader
  ☆204Updated last year
• pathtofile / Sealighter
  Sysmon-Like research tool for ETW
  ☆336Updated 2 years ago
• crummie5 / FreshyCalls
  FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!
  ☆315Updated 2 years ago
• VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls
  The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
  ☆164Updated 10 months ago