Alternatives and similar repositories for ntdll

Users that are interested in ntdll are comparing it to the libraries listed below

• sonyps5201314 / RemoveApiSets

  View on GitHub
  RemoveApiSets is a program that can replace the ApiSets Dlls that already depend on ApiSets Dlls with MSVCR14X Dlls
  ☆33Oct 6, 2024Updated last year
• sonyps5201314 / msvcr14x

  View on GitHub
  msvcr14x is a program that allows programs compiled with VC2015 and above not to rely on a bunch of useless API-Ms-win-starting DLLS
  ☆72Nov 18, 2025Updated 2 months ago
• Chuyu-Team / phnt

  View on GitHub
  Native API header files for the Process Hacker project.
  ☆15Mar 1, 2023Updated 2 years ago
• sonyps5201314 / wow64ext

  View on GitHub
  Another wow64ext to try to be compatible with WOW64 for all architectures.
  ☆98Jan 1, 2026Updated last month
• Broihon / StartRoutine

  View on GitHub
  A library with four different methods to execute shellcode in a process
  ☆26Mar 24, 2020Updated 5 years ago
• zhc341272 / HCVNC

  View on GitHub
  A vnc client dll for c#, written in c/c++ and c#, depends on TightVnc 2.7.10, so it can use Tight to push screen faster than vncsharp use…
  ☆18Nov 18, 2019Updated 6 years ago
• h4xu3lyn / NTLib

  View on GitHub
  Headers for linking your software with ntdll.dll
  ☆15Nov 4, 2020Updated 5 years ago
• ladislav-zezula / Aaa

  View on GitHub
  Shared libraries for other projects
  ☆22Dec 4, 2025Updated 2 months ago
• denghe / xxlib

  View on GitHub
  base library ( runtime & utils for cpp, c#, lua ... )
  ☆18May 13, 2024Updated last year
• Sentient111 / StealingSignatures

  View on GitHub
  Stealing signatures from pe files
  ☆15Apr 1, 2025Updated 10 months ago
• cocomelonc / 2022-04-13-malware-injection-19

  View on GitHub
  Classic DLL injection. Download dll from url and inject. Simple C++ implementation
  ☆10Apr 16, 2022Updated 3 years ago
• clod81 / loader_process_hollow_copy_in_chunk

  View on GitHub
  About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once
  ☆13Jul 14, 2022Updated 3 years ago
• enlyze / EnlyzeWinCompatLib

  View on GitHub
  Let MSVC v141_xp/Clang targeted applications run on even older Windows versions
  ☆47Mar 21, 2024Updated last year
• kanren3 / DllInject

  View on GitHub
  DllInject (Memory Load)
  ☆11Jan 5, 2019Updated 7 years ago
• quantumcore / thawne

  View on GitHub
  Thawne is a Sentinel for your Program. A trojan that Reinfects systems. It installs itself on the system it's Executed on. After which Th…
  ☆10Oct 13, 2020Updated 5 years ago
• cocomelonc / 2022-04-20-malware-pers-1

  View on GitHub
  Malware development: persistence - part 1: startup folder registry keys. C++ implementation
  ☆12Apr 21, 2022Updated 3 years ago
• wanttobeno / GetPeInfo

  View on GitHub
  v1版完成对PE头，区段，输入表的解析
  ☆11Apr 16, 2018Updated 7 years ago
• SVz / DiffAsm

  View on GitHub
  ☆13Mar 29, 2021Updated 4 years ago
• Shad0wB1ackCat / AntiCheat

  View on GitHub
  A simple DLL injection protection driver.
  ☆12Dec 21, 2020Updated 5 years ago
• TheWover / AsyncRAT-VB.NET

  View on GitHub
  Remote Administration Tool For Windows VB.NET
  ☆12Mar 19, 2019Updated 6 years ago
• cocomelonc / 2022-05-02-malware-pers-3

  View on GitHub
  Malware persistence via COM DLL hijacking. C++ implementation example
  ☆13May 2, 2022Updated 3 years ago
• xiaobo93 / UnModule_shellcode_Inject

  View on GitHub
  无模块注入工程 VS2008
  ☆11Jul 23, 2018Updated 7 years ago
• Mantraufo / Kanoninjector

  View on GitHub
  Runpe + DInvoke + Syscall
  ☆16Jun 18, 2021Updated 4 years ago
• Chuyu-Team / MSBuildCppCrossToolset

  View on GitHub
  基于MSBuild的C++跨平台工具集，让Linux、MacOS等也支持编译vcxproj。
  ☆54Sep 25, 2023Updated 2 years ago
• baiyies / CrossInject

  View on GitHub
  32 bit process inject shellcode to 32 bit process and 64 bit process
  ☆35May 8, 2023Updated 2 years ago
• ZwCreateFile / FuckDse

  View on GitHub
  Bring Your Own Vulnerable Driver for PatchGuard & Driver Signature Enforcement
  ☆14Apr 6, 2024Updated last year
• he4rtbleed / PPLL

  View on GitHub
  Protected Process Light Library
  ☆18Jun 20, 2020Updated 5 years ago
• TRIKbranch / RunPE-X86--X64-

  View on GitHub
  With this RunPE you can easily inject your payload in any x86 or x64 program.
  ☆15Jun 3, 2019Updated 6 years ago
• 474172261 / windows-CET

  View on GitHub
  ☆13May 31, 2023Updated 2 years ago
• Broihon / Import-Handler

  View on GitHub
  A small library to extend the functionality of GetModuleHandle and GetProcAddress to other processes
  ☆15Mar 23, 2020Updated 5 years ago
• r1cky33 / krnlmap

  View on GitHub
  simply manual map any system image
  ☆18Feb 1, 2021Updated 5 years ago
• SaltedFishBayonet / Kill-3X0_kill360

  View on GitHub
  Only for research and learning, not for commercial and illegal use
  ☆11Jul 22, 2019Updated 6 years ago
• rkzofficial / Horizon

  View on GitHub
  Remote Administration Tool, Server Written in C# and Client Written in C++
  ☆15Dec 8, 2022Updated 3 years ago
• AleksaMCode / AMx64

  View on GitHub
  AMx64 is a simulated 64-bit environment that can interpret nasm-like asm code. It allows a usage of different 64-bit registers and 64-bit…
  ☆22Dec 22, 2023Updated 2 years ago
• ntoskrnl7 / win32-ex

  View on GitHub
  Win32 API Experimental(or Extension) features
  ☆37Nov 18, 2022Updated 3 years ago
• mfxiaosheng / dwmhook

  View on GitHub
  兼容且隐蔽的DWM HOOK
  ☆64May 19, 2022Updated 3 years ago
• bb107 / WinSudo

  View on GitHub
  Execute commands as local system.
  ☆63Aug 10, 2019Updated 6 years ago
• aaaddress1 / masqueradeCmdline

  View on GitHub
  A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
  ☆41Dec 31, 2020Updated 5 years ago
• SecurityTimes / Process-Injection

  View on GitHub
  ☆12Nov 30, 2020Updated 5 years ago