tastypepperoni/RunAsWinTcb external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tastypepperoni/RunAsWinTcb

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tastypepperoni/RunAsWinTcb)

Close

tastypepperoni / RunAsWinTcbView on GitHubMore

• External links
• Readme badge

☆138Aug 2, 2022Updated 3 years ago

Alternatives and similar repositories for RunAsWinTcb

Users that are interested in RunAsWinTcb are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Wh04m1001 / DiagTrackEoP

  View on GitHub
  ☆88Jul 31, 2022Updated 3 years ago
• tastypepperoni / PPLBlade

  View on GitHub
  Protected Process Dumper Tool
  ☆590Aug 30, 2023Updated 2 years ago
• enkomio / BrokenFlow

  View on GitHub
  A simple PoC to invoke an encrypted shellcode by using an hidden call
  ☆115Nov 19, 2022Updated 3 years ago
• fortra / CreateProcess

  View on GitHub
  A small PoC that creates processes in Windows
  ☆187Jun 6, 2024Updated last year
• Kudaes / Elevator

  View on GitHub
  UAC bypass by abusing RPC and debug objects.
  ☆628Oct 19, 2023Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• rad9800 / VehApiResolve

  View on GitHub
  ☆119Aug 7, 2022Updated 3 years ago
• thefLink / DeepSleep

  View on GitHub
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆378May 24, 2022Updated 3 years ago
• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆293Dec 3, 2023Updated 2 years ago
• plackyhacker / CmdLineSpoofer

  View on GitHub
  How to spoof the command line when spawning a new process from C#.
  ☆111Dec 28, 2021Updated 4 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆150Aug 18, 2022Updated 3 years ago
• Octoberfest7 / KDStab

  View on GitHub
  BOF combination of KillDefender and Backstab
  ☆167Mar 23, 2023Updated 3 years ago
• APTortellini / unDefender

  View on GitHub
  Killing your preferred antimalware by abusing native symbolic links and NT paths.
  ☆360Jan 29, 2022Updated 4 years ago
• gabriellandau / PPLFault

  View on GitHub
  ☆568Feb 22, 2024Updated 2 years ago
• itm4n / PPLdump

  View on GitHub
  Dump the memory of a PPL with a userland exploit
  ☆892Jul 24, 2022Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• deepinstinct / Lsass-Shtinkering

  View on GitHub
  ☆382Jan 19, 2023Updated 3 years ago
• trickster0 / TartarusGate

  View on GitHub
  TartarusGate, Bypassing EDRs
  ☆662Jan 25, 2022Updated 4 years ago
• bananabr / Givemeahand

  View on GitHub
  A PoC tool for exploiting leaked process and thread handles
  ☆34Feb 13, 2024Updated 2 years ago
• N4kedTurtle / LocalDllParse

  View on GitHub
  ☆53Nov 11, 2021Updated 4 years ago
• janoglezcampos / DeathSleep

  View on GitHub
  A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
  ☆535Aug 1, 2022Updated 3 years ago
• MalwareApiLib / MalwareApiLibrary

  View on GitHub
  collection of apis used in malware development
  ☆231Aug 2, 2022Updated 3 years ago
• EspressoCake / DLL-Exports-Extraction-BOF

  View on GitHub
  DLL Exports Extraction BOF with optional NTFS transactions.
  ☆90Nov 5, 2021Updated 4 years ago
• RedCursorSecurityConsulting / PPLKiller

  View on GitHub
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆994Dec 4, 2022Updated 3 years ago
• SECFORCE / SharpWhispers

  View on GitHub
  C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.
  ☆111Apr 14, 2023Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• bohops / DynamicDotNet

  View on GitHub
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆145May 18, 2024Updated last year
• arsium / ShellCodeExec

  View on GitHub
  My personal shellcode loader
  ☆31Mar 9, 2023Updated 3 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,014Jun 4, 2024Updated last year
• rad9800 / WTSRM2

  View on GitHub
  ☆164Dec 30, 2022Updated 3 years ago
• BlackOfWorld / NtCreateUserProcess

  View on GitHub
  A small NtCreateUserProcess PoC that spawns a Command prompt.
  ☆105Apr 11, 2026Updated 3 weeks ago
• fin3ss3g0d / IoDllProxyLoad

  View on GitHub
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆66Mar 19, 2024Updated 2 years ago
• uf0o / windows-ps-callbacks-experiments

  View on GitHub
  Files for http://blog.deniable.org/posts/windows-callbacks/
  ☆84Feb 26, 2022Updated 4 years ago
• wavestone-cdt / EDRSandblast

  View on GitHub
  ☆1,812Aug 30, 2024Updated last year
• passthehashbrowns / hiding-your-syscalls

  View on GitHub
  Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…
  ☆219Feb 20, 2023Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• Wh04m1001 / IFaultrepElevatedDataCollectionUAC

  View on GitHub
  ☆132Oct 14, 2022Updated 3 years ago
• NUL0x4C / EtwSessionHijacking

  View on GitHub
  A Poc on blocking Procmon from monitoring network events
  ☆112Aug 7, 2025Updated 8 months ago
• waldo-irc / YouMayPasser

  View on GitHub
  You shall pass
  ☆270Jul 16, 2022Updated 3 years ago
• SpikySabra / Kernel-Cactus

  View on GitHub
  It's pointy and it hurts!
  ☆126Oct 18, 2022Updated 3 years ago
• Idov31 / Cronos

  View on GitHub
  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
  ☆623Sep 26, 2023Updated 2 years ago
• aaaddress1 / xlsKami

  View on GitHub
  Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets
  ☆48Aug 4, 2021Updated 4 years ago
• EspressoCake / BeaconDownloadSync

  View on GitHub
  ☆94May 14, 2022Updated 3 years ago