Remap ntdll.dll using only NTAPI functions with a suspended process
☆27Apr 13, 2025Updated 10 months ago
Alternatives and similar repositories for NativeNtdllRemap
Users that are interested in NativeNtdllRemap are comparing it to the libraries listed below
Sorting:
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆82Jun 21, 2025Updated 8 months ago
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports☆60Jul 13, 2025Updated 7 months ago
- tool for enumeration & bulk download of sensitive files found in SharePoint environments☆81Apr 2, 2025Updated 11 months ago
- kernel-mode DLL Injector☆127Apr 24, 2025Updated 10 months ago
- An ultra lightweight web screenshot tool with advanced DOM analysis features.☆40Dec 2, 2025Updated 3 months ago
- Periodically check hashcat cracking progress and notify of success.☆10Dec 18, 2018Updated 7 years ago
- A Crystal Palace shared library to resolve & perform syscalls☆57Oct 29, 2025Updated 4 months ago
- NTFS parsing library in C#. Allows one to parse and read NTFS structures on disk.☆32Jul 16, 2021Updated 4 years ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆102Jul 9, 2025Updated 7 months ago
- Repository to gather the BOF files I will be developing☆11Oct 1, 2024Updated last year
- Scripts that automate portions of pentests.☆57Updated this week
- Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …☆12Apr 21, 2025Updated 10 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 7 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆308Mar 31, 2025Updated 11 months ago
- ☆84May 19, 2024Updated last year
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 10 months ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆84Jan 26, 2026Updated last month
- ☆13Jan 21, 2019Updated 7 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- Chrome browser extension-based Command & Control☆239Jul 2, 2025Updated 8 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- Find world writable directories that contain a .exe or .dll file☆13Aug 31, 2021Updated 4 years ago
- Decrypt SCCM and DPAPI secrets with Powershell.☆45Jun 24, 2025Updated 8 months ago
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆122Dec 23, 2025Updated 2 months ago
- ☆19Sep 17, 2025Updated 5 months ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated last year
- ☆15Aug 22, 2022Updated 3 years ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆16Jul 27, 2024Updated last year
- SafeCrypt is an academic ransomware simulation suite developed for Red Team engagements. It demonstrates modern malware techniques includ…☆32Oct 3, 2025Updated 5 months ago
- Comprehensive Windows Syscall Extraction & Analysis Framework☆162Aug 30, 2025Updated 6 months ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆144Apr 21, 2022Updated 3 years ago
- A simple C++ Windows tool to get information about processes exposing named pipes.☆40Mar 6, 2025Updated last year
- SACL Scanner is a tool designed to scan and analyze SACLs.☆51Feb 13, 2025Updated last year
- C# loader capable of running stage-1 from remote url, file path as well as file share☆15Feb 8, 2023Updated 3 years ago
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- A flexible tool that creates a minidump of the LSASS process☆14Jan 18, 2022Updated 4 years ago
- Active Directory Password Spray Testing Utility in Go☆18Mar 22, 2024Updated last year
- An easy way to convert BloodHound output files into data that can be imported into reporting software like Dradis and Plextrac. Built by …☆18Oct 15, 2020Updated 5 years ago