tastypepperoni/RunAsWinTcb external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tastypepperoni/RunAsWinTcb

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tastypepperoni/RunAsWinTcb)

Close

tastypepperoni / RunAsWinTcbView on GitHubMore

• External links
• Readme badge

☆137Aug 2, 2022Updated 3 years ago

Alternatives and similar repositories for RunAsWinTcb

Users that are interested in RunAsWinTcb are comparing it to the libraries listed below

• Wh04m1001 / DiagTrackEoP

  View on GitHub
  ☆88Jul 31, 2022Updated 3 years ago
• enkomio / BrokenFlow

  View on GitHub
  A simple PoC to invoke an encrypted shellcode by using an hidden call
  ☆116Nov 19, 2022Updated 3 years ago
• rad9800 / VehApiResolve

  View on GitHub
  ☆118Aug 7, 2022Updated 3 years ago
• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆293Dec 3, 2023Updated 2 years ago
• fortra / CreateProcess

  View on GitHub
  A small PoC that creates processes in Windows
  ☆187Jun 6, 2024Updated last year
• thefLink / DeepSleep

  View on GitHub
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆374May 24, 2022Updated 3 years ago
• Kudaes / Elevator

  View on GitHub
  UAC bypass by abusing RPC and debug objects.
  ☆627Oct 19, 2023Updated 2 years ago
• plackyhacker / CmdLineSpoofer

  View on GitHub
  How to spoof the command line when spawning a new process from C#.
  ☆110Dec 28, 2021Updated 4 years ago
• BlackOfWorld / NtCreateUserProcess

  View on GitHub
  A small NtCreateUserProcess PoC that spawns a Command prompt.
  ☆102Aug 25, 2022Updated 3 years ago
• bananabr / Givemeahand

  View on GitHub
  A PoC tool for exploiting leaked process and thread handles
  ☆32Feb 13, 2024Updated 2 years ago
• trickster0 / TartarusGate

  View on GitHub
  TartarusGate, Bypassing EDRs
  ☆653Jan 25, 2022Updated 4 years ago
• Henkru / cs-token-vault

  View on GitHub
  In-memory token vault BOF for Cobalt Strike
  ☆149Aug 18, 2022Updated 3 years ago
• N4kedTurtle / LocalDllParse

  View on GitHub
  ☆53Nov 11, 2021Updated 4 years ago
• gabriellandau / PPLFault

  View on GitHub
  ☆564Feb 22, 2024Updated 2 years ago
• janoglezcampos / DeathSleep

  View on GitHub
  A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
  ☆536Aug 1, 2022Updated 3 years ago
• deepinstinct / Lsass-Shtinkering

  View on GitHub
  ☆383Jan 19, 2023Updated 3 years ago
• bohops / DynamicDotNet

  View on GitHub
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆145May 18, 2024Updated last year
• rad9800 / WTSRM2

  View on GitHub
  ☆164Dec 30, 2022Updated 3 years ago
• MalwareApiLib / MalwareApiLibrary

  View on GitHub
  collection of apis used in malware development
  ☆229Aug 2, 2022Updated 3 years ago
• Octoberfest7 / KDStab

  View on GitHub
  BOF combination of KillDefender and Backstab
  ☆167Mar 23, 2023Updated 2 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,006Jun 4, 2024Updated last year
• RedCursorSecurityConsulting / PPLKiller

  View on GitHub
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆989Dec 4, 2022Updated 3 years ago
• APTortellini / unDefender

  View on GitHub
  Killing your preferred antimalware by abusing native symbolic links and NT paths.
  ☆358Jan 29, 2022Updated 4 years ago
• GhostPack / Koh

  View on GitHub
  The Token Stealer
  ☆512Jul 13, 2022Updated 3 years ago
• GetRektBoy724 / HalosUnhooker

  View on GitHub
  Halos Gate-based NTAPI Unhooker
  ☆52Apr 21, 2022Updated 3 years ago
• SECFORCE / SharpWhispers

  View on GitHub
  C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.
  ☆111Apr 14, 2023Updated 2 years ago
• rad9800 / misc

  View on GitHub
  miscellaneous scripts and programs
  ☆277Jan 23, 2025Updated last year
• fin3ss3g0d / IoDllProxyLoad

  View on GitHub
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆63Mar 19, 2024Updated last year
• EspressoCake / DLL-Exports-Extraction-BOF

  View on GitHub
  DLL Exports Extraction BOF with optional NTFS transactions.
  ☆90Nov 5, 2021Updated 4 years ago
• itm4n / PPLdump

  View on GitHub
  Dump the memory of a PPL with a userland exploit
  ☆889Jul 24, 2022Updated 3 years ago
• wavestone-cdt / EDRSandblast

  View on GitHub
  ☆1,787Aug 30, 2024Updated last year
• preemptdev / bluffy

  View on GitHub
  Convert shellcode into different formats!
  ☆358Jan 24, 2023Updated 3 years ago
• joe-desimone / patriot

  View on GitHub
  ☆153Jul 31, 2022Updated 3 years ago
• Idov31 / Cronos

  View on GitHub
  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
  ☆622Sep 26, 2023Updated 2 years ago
• Wh04m1001 / IFaultrepElevatedDataCollectionUAC

  View on GitHub
  ☆132Oct 14, 2022Updated 3 years ago
• frkngksl / HintInject

  View on GitHub
  A PoC project for embedding shellcode to Hint/Name Table
  ☆113May 16, 2022Updated 3 years ago
• aaaddress1 / PR0CESS

  View on GitHub
  some gadgets about windows process and ready to use :)
  ☆611Oct 7, 2023Updated 2 years ago
• itm4n / Pentest-Windows

  View on GitHub
  Windows internals and exploitation tricks
  ☆112Nov 9, 2025Updated 3 months ago
• waldo-irc / YouMayPasser

  View on GitHub
  You shall pass
  ☆270Jul 16, 2022Updated 3 years ago