Source code of exploiting Windows API for red teaming series
☆152Sep 25, 2022Updated 3 years ago
Alternatives and similar repositories for WinAPI-RedBlue
Users that are interested in WinAPI-RedBlue are comparing it to the libraries listed below.
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆96Mar 8, 2023Updated 3 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆141Sep 12, 2022Updated 3 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆234Jun 10, 2022Updated 3 years ago
- Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll☆503Feb 3, 2022Updated 4 years ago
- A meterpreter extension for applying hooks to avoid Windows Defender memory scans☆250Aug 13, 2020Updated 5 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆55Jul 11, 2021Updated 4 years ago
- Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.☆117Feb 9, 2022Updated 4 years ago
- It stinks☆103Apr 22, 2022Updated 4 years ago
- PoC Implementation of a fully dynamic call stack spoofer☆949Jul 20, 2024Updated last year
- Six cases demonstrating methods of optimizing GetProcAddress☆19Jan 3, 2022Updated 4 years ago
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…☆460Oct 25, 2021Updated 4 years ago
- A tool to kill antimalware protected processes☆1,511Jun 19, 2021Updated 4 years ago
- ☆15Aug 17, 2023Updated 2 years ago
- Execute Mimikatz with different technique☆51Nov 8, 2021Updated 4 years ago
- Quickly search for references to a GUID in DLLs, EXEs, and drivers☆74Dec 10, 2021Updated 4 years ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆566Apr 8, 2025Updated last year
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- Cmdlets for capturing Windows Events☆14Mar 11, 2022Updated 4 years ago
- Various ways to execute shellcode☆510Mar 13, 2024Updated 2 years ago
- ☆30Nov 7, 2022Updated 3 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,413Nov 22, 2023Updated 2 years ago
- ☆1,075May 18, 2024Updated last year
- Log converter from CS log to Ghostwriter CSV☆31Nov 23, 2020Updated 5 years ago
- A method of bypassing EDR's active projection DLLs by preventing entry point execution☆1,166Mar 31, 2021Updated 5 years ago
- ☆780Oct 17, 2023Updated 2 years ago
- ☆119Aug 7, 2022Updated 3 years ago
- C# version of MDSec's ParallelSyscalls☆144Jan 9, 2022Updated 4 years ago
- A BOF to determine Windows Defender exclusions.☆255Jun 25, 2023Updated 2 years ago
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique☆337Jan 16, 2022Updated 4 years ago
- Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)☆254Sep 15, 2022Updated 3 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 4 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆112Jul 15, 2023Updated 2 years ago
- miscellaneous scripts and programs☆281Jan 23, 2025Updated last year
- ☆186Jan 5, 2021Updated 5 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,384Oct 27, 2023Updated 2 years ago
- Spawn Up quickly Elastic EDR Panel☆16Jan 29, 2022Updated 4 years ago
- Win32 and Kernel abusing techniques for pentesters☆978Sep 3, 2023Updated 2 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆186Jul 21, 2022Updated 3 years ago
- Inject .NET assemblies into an existing process☆507Jan 19, 2022Updated 4 years ago