GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
☆32Feb 7, 2022Updated 4 years ago
Alternatives and similar repositories for Get-DLL-and-Function-Addresses
Users that are interested in Get-DLL-and-Function-Addresses are comparing it to the libraries listed below
Sorting:
- Executes shellcode from a remote server and aims to evade in-memory scanners☆32Nov 17, 2019Updated 6 years ago
- ☆13Feb 25, 2023Updated 3 years ago
- Some security by obscurity using port-jumping.☆14Aug 21, 2025Updated 6 months ago
- This repository will contain source codes from the Tradecraft improvement blog series☆14Mar 27, 2025Updated 11 months ago
- ps-like .NET Assembly for enumerating processes on the current machine or a remote machine.☆13Aug 12, 2019Updated 6 years ago
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- A simple script to elevate current session to SYSTEM (needs to be run as Administrator)☆16Nov 11, 2024Updated last year
- C2 redirector as a web API☆10May 22, 2021Updated 4 years ago
- NSecSoftBYOVD POC☆58Feb 12, 2026Updated 3 weeks ago
- ☆210Nov 28, 2023Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆160Mar 1, 2024Updated 2 years ago
- ☆33Feb 13, 2026Updated 3 weeks ago
- minimal hypervisor for aarch64 (WIP)☆31Nov 29, 2025Updated 3 months ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- An example of COM hijacking using a proxy DLL.☆44Aug 17, 2021Updated 4 years ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10☆37Nov 5, 2022Updated 3 years ago
- Templates for developing your own listeners and agents for AdaptixC2.☆45Feb 28, 2026Updated last week
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- ☆16Nov 23, 2021Updated 4 years ago
- A tool for leveraging elevated acess over a computer to boot the computer into Windows Safe Mode, alter settings, and then boot back into…☆16Nov 6, 2021Updated 4 years ago
- A set of tools and resources for analysis of Havoc C2☆26Feb 27, 2024Updated 2 years ago
- Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.☆102Jan 26, 2026Updated last month
- Vectored Exception Handling Squared☆30Dec 27, 2025Updated 2 months ago
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- An implementation of PyADRecon using ADWS instead of LDAP. Generates individual CSV files and a single XSLX + HTML report about your AD d…☆48Feb 23, 2026Updated last week
- ☆47Feb 11, 2023Updated 3 years ago
- ☆22Jul 10, 2020Updated 5 years ago
- ☆55May 31, 2025Updated 9 months ago
- ☆45Jan 1, 2023Updated 3 years ago
- ☆23Apr 28, 2024Updated last year
- Enumerate the Domain for Readable and Writable Shares☆23Nov 14, 2025Updated 3 months ago
- Find kernel32 base and API addresses. Simple C++ implementation☆23Apr 7, 2022Updated 3 years ago
- ☆59Oct 24, 2024Updated last year
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆357Sep 1, 2022Updated 3 years ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Feb 24, 2026Updated last week
- Run payload like a Lazarus Group (UuidFromStringA). C++ implementation☆20Jul 24, 2022Updated 3 years ago
- A library to make HTTP requests with the Windows winhttp API☆25Feb 8, 2024Updated 2 years ago
- (Demo) 3rd party agent for Havoc☆146Aug 20, 2023Updated 2 years ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆55May 8, 2023Updated 2 years ago