ntapi

There are 23 repositories under ntapi topic.

M2TeamArchived/NSudo
[Deprecated, work in progress alternative: https://github.com/M2Team/NanaRun] Series of System Administration Tools
Language:C++2k 71 50223
ricardojoserf/NativeDump
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
Language:C#578 7 485
ricardojoserf/TrickDump
Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
Language:C#437 1 149
f1zm0/hades
Go shellcode loader that combines multiple evasion techniques
Language:Go364 8 146
ricardojoserf/NativeBypassCredGuard
Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
Language:C#233 3 027
diversenok/NtTools
Some random system tools for Windows
Language:Pascal111 7 025
voidvxvt/HellBunny
Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
Language:C98 3 119
tenox7/regln
Windows Rregistry Linking Utility
Language:C49 5 511
brosck/APIHookingDetector
「⚙️」Detect which native Windows API's (NtAPI) are being hooked
Language:C++38 3 08
lzcapp/NotMe-BSOD
Codes that could trigger BSOD (Blue Screen of Death) on Windows.
Language:C18 1 01
diversenok/Things-AppContainer-Knows
Disclosing information from an AppContainer.
Language:Pascal16 3 07
MauriceKayser/rs-winapi2
Microsoft Windows user-mode API access with clean Rust types.
Language:Rust14 1 12
reverseame/winapi-categories
Windows API (WinAPI) functions and system calls with categories in JSON format, including arguments (SAL notation) and more.
Language:Python14 2 11
apriorit/APIHookingLibraries
Samples that shows how to use API Hook libraries: Detours, Deviare, MHook, EasyHook to hide files with the "+/*.txt" file name pattern.
Language:C++11 3 08
KNSoft/KNSoft.NDK
KNSoft.NDK provides native C/C++ definitions and import libraries for Windows NT and some specifications.
Language:C11 1 12
krystianbajno/winapi-search
💠 Documented and undocumented WinAPI search.
Language:TypeScript8 1 00
dz333n/ReactOS-Kernel
Win32less fork of ReactOS (only kernel and NT programs)
Language:C7 2 01
vertver/WindowsHacks
Windows Hacks by Windows Programmer
Language:C++7 2 01
Print3M/malware-dev
Windows malware development C/C++ snippets.
Language:C6 1 00
arimaqz/winapi-obfuscator
obfuscate WINAPI/NTAPI calls easily.
Language:Python4 1 01
marv2097/gontapi
A golang wrapper for Napatech's API - Allows packet capture directly into go applications with the use of NTPL filters.
Language:Go2 1 01
0xvpr/offensive-kernel-mode-c
A dedicated repository for exploring offensive kernel-mode techniques.
Language:C1 1 0
0xvpr/anti-debugging-mingw-x64
x64 rewrite of GuidedHacking's Anti-debugging techniques on a (bad looking) Win32 application.
Language:C++

ntapi

M2TeamArchived/NSudo

ricardojoserf/NativeDump

ricardojoserf/TrickDump

f1zm0/hades

ricardojoserf/NativeBypassCredGuard

diversenok/NtTools

voidvxvt/HellBunny

tenox7/regln

brosck/APIHookingDetector

lzcapp/NotMe-BSOD

diversenok/Things-AppContainer-Knows

MauriceKayser/rs-winapi2

reverseame/winapi-categories

apriorit/APIHookingLibraries

KNSoft/KNSoft.NDK

krystianbajno/winapi-search

dz333n/ReactOS-Kernel

vertver/WindowsHacks

Print3M/malware-dev

arimaqz/winapi-obfuscator

marv2097/gontapi

0xvpr/offensive-kernel-mode-c

0xvpr/anti-debugging-mingw-x64