rad9800/VehApiResolve external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

rad9800/VehApiResolve

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/rad9800/VehApiResolve)

Close

rad9800 / VehApiResolveView on GitHubMore

• External links
• Readme badge

☆118Aug 7, 2022Updated 3 years ago

Alternatives and similar repositories for VehApiResolve

Users that are interested in VehApiResolve are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• rad9800 / TamperingSyscalls

  View on GitHub
  ☆513Aug 14, 2022Updated 3 years ago
• joe-desimone / patriot

  View on GitHub
  ☆162Jul 31, 2022Updated 3 years ago
• rad9800 / hwbp4mw

  View on GitHub
  ☆276Jan 14, 2023Updated 3 years ago
• rad9800 / WTSRM

  View on GitHub
  WTSRM
  ☆216Aug 7, 2022Updated 3 years ago
• rad9800 / BloatedHammer

  View on GitHub
  API Hammering with C++20
  ☆52Jul 21, 2022Updated 3 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• Crypt0s / Ekko_CFG_Bypass

  View on GitHub
  A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process
  ☆116Aug 29, 2022Updated 3 years ago
• rad9800 / WTSRM2

  View on GitHub
  ☆164Dec 30, 2022Updated 3 years ago
• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆295Dec 3, 2023Updated 2 years ago
• janoglezcampos / c_syscalls

  View on GitHub
  Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  ☆141Sep 12, 2022Updated 3 years ago
• rad9800 / misc

  View on GitHub
  miscellaneous scripts and programs
  ☆286May 13, 2026Updated 3 weeks ago
• Cracked5pider / KaynLdr

  View on GitHub
  KaynLdr is a Reflective Loader written in C/ASM
  ☆554Dec 3, 2023Updated 2 years ago
• NUL0x4C / DeleteShadowCopies

  View on GitHub
  Deleting Shadow Copies In Pure C++
  ☆118Oct 31, 2022Updated 3 years ago
• alfarom256 / UserVAtoPhysical

  View on GitHub
  Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address
  ☆23Nov 22, 2021Updated 4 years ago
• Crypt0s / DelegationBOF

  View on GitHub
  ☆143May 4, 2022Updated 4 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• thefLink / DeepSleep

  View on GitHub
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆377May 24, 2022Updated 4 years ago
• paranoidninja / Process-Instrumentation-Syscall-Hook

  View on GitHub
  A simple program to hook the current process to identify the manual syscall executions on windows
  ☆268Nov 18, 2022Updated 3 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆149Aug 18, 2022Updated 3 years ago
• mdsecactivebreach / ParallelSyscalls

  View on GitHub
  ☆170Jan 7, 2022Updated 4 years ago
• codewhitesec / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆234Oct 18, 2022Updated 3 years ago
• WithSecureLabs / TickTock

  View on GitHub
  ☆115Oct 10, 2022Updated 3 years ago
• veryboreddd / Return-address-spoofer

  View on GitHub
  Illustrates the concept of return address spoofing, and how it is used.
  ☆14May 13, 2020Updated 6 years ago
• SolomonSklash / netntlm

  View on GitHub
  A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP
  ☆38Jul 27, 2021Updated 4 years ago
• Idov31 / Cronos

  View on GitHub
  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
  ☆624Sep 26, 2023Updated 2 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• alfarom256 / StinkyLoader

  View on GitHub
  It stinks
  ☆102Apr 22, 2022Updated 4 years ago
• NUL0x4C / KnownDllUnhook

  View on GitHub
  Replace the .txt section of the current loaded modules from \KnownDlls\
  ☆306Sep 28, 2022Updated 3 years ago
• janoglezcampos / DeathSleep

  View on GitHub
  A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
  ☆537Aug 1, 2022Updated 3 years ago
• mgeeky / ThreadStackSpoofer

  View on GitHub
  Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation fr…
  ☆1,223Jun 17, 2022Updated 3 years ago
• med0x2e / vba2clr

  View on GitHub
  Running .NET from VBA
  ☆147Feb 11, 2023Updated 3 years ago
• lab52io / LeakedHandlesFinder

  View on GitHub
  Leaked Windows processes handles identification tool
  ☆291Mar 14, 2022Updated 4 years ago
• mdsecactivebreach / DragonCastle

  View on GitHub
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆302Oct 26, 2022Updated 3 years ago
• LloydLabs / shellcode-plain-sight

  View on GitHub
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆211Nov 12, 2025Updated 6 months ago
• waldo-irc / YouMayPasser

  View on GitHub
  You shall pass
  ☆270Jul 16, 2022Updated 3 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,020Jun 4, 2024Updated 2 years ago
• nccgroup / DetectWindowsCopyOnWriteForAPI

  View on GitHub
  Enumerate various traits from Windows processes as an aid to threat hunting
  ☆202Jan 13, 2022Updated 4 years ago
• rad9800 / talks

  View on GitHub
  ☆73Mar 8, 2026Updated 3 months ago
• boom-cr3 / NotifyRoutineHijackThread

  View on GitHub
  Hijack NotifyRoutine for a kernelmode thread
  ☆40Jun 4, 2022Updated 4 years ago
• MalwareApiLib / MalwareApiLibrary

  View on GitHub
  collection of apis used in malware development
  ☆232Aug 2, 2022Updated 3 years ago
• paranoidninja / DotNetTracer

  View on GitHub
  C code to enable ETW tracing for Dotnet Assemblies
  ☆32Aug 12, 2022Updated 3 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆272Aug 31, 2022Updated 3 years ago