ricardojoserf / NativeNtdllRemapView external linksLinks
Remap ntdll.dll using only NTAPI functions with a suspended process
☆27Apr 13, 2025Updated 10 months ago
Alternatives and similar repositories for NativeNtdllRemap
Users that are interested in NativeNtdllRemap are comparing it to the libraries listed below
Sorting:
- Impersonate Tokens using only NTAPI functions☆83Apr 4, 2025Updated 10 months ago
- Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…☆81Jun 21, 2025Updated 7 months ago
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports☆59Jul 13, 2025Updated 7 months ago
- tool for enumeration & bulk download of sensitive files found in SharePoint environments☆80Apr 2, 2025Updated 10 months ago
- kernel-mode DLL Injector☆126Apr 24, 2025Updated 9 months ago
- A Crystal Palace shared library to resolve & perform syscalls☆56Oct 29, 2025Updated 3 months ago
- An ultra lightweight web screenshot tool with advanced DOM analysis features.☆39Dec 2, 2025Updated 2 months ago
- Periodically check hashcat cracking progress and notify of success.☆10Dec 18, 2018Updated 7 years ago
- NTFS parsing library in C#. Allows one to parse and read NTFS structures on disk.☆32Jul 16, 2021Updated 4 years ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆99Jul 9, 2025Updated 7 months ago
- Repository to gather the BOF files I will be developing☆11Oct 1, 2024Updated last year
- Scripts that automate portions of pentests.☆57Updated this week
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 6 months ago
- Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …☆12Apr 21, 2025Updated 9 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆307Mar 31, 2025Updated 10 months ago
- ☆83May 19, 2024Updated last year
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆81Jan 26, 2026Updated 2 weeks ago
- ☆12Jan 21, 2019Updated 7 years ago
- Chrome browser extension-based Command & Control☆232Jul 2, 2025Updated 7 months ago
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 10 months ago
- ☆14Aug 22, 2022Updated 3 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated 11 months ago
- Find world writable directories that contain a .exe or .dll file☆13Aug 31, 2021Updated 4 years ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆16Jul 27, 2024Updated last year
- SafeCrypt is an academic ransomware simulation suite developed for Red Team engagements. It demonstrates modern malware techniques includ…☆32Oct 3, 2025Updated 4 months ago
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆119Dec 23, 2025Updated last month
- Decrypt SCCM and DPAPI secrets with Powershell.☆45Jun 24, 2025Updated 7 months ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated 11 months ago
- ☆19Sep 17, 2025Updated 4 months ago
- Comprehensive Windows Syscall Extraction & Analysis Framework☆161Aug 30, 2025Updated 5 months ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆141Apr 21, 2022Updated 3 years ago
- A simple C++ Windows tool to get information about processes exposing named pipes.☆40Mar 6, 2025Updated 11 months ago
- SACL Scanner is a tool designed to scan and analyze SACLs.☆50Feb 13, 2025Updated last year
- An easy way to convert BloodHound output files into data that can be imported into reporting software like Dradis and Plextrac. Built by …☆18Oct 15, 2020Updated 5 years ago
- A flexible tool that creates a minidump of the LSASS process☆14Jan 18, 2022Updated 4 years ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- C# loader capable of running stage-1 from remote url, file path as well as file share☆15Feb 8, 2023Updated 3 years ago
- Active Directory Password Spray Testing Utility in Go☆18Mar 22, 2024Updated last year