NtApiDotNet 1.1.28

A .NET class library to access native NT API system calls

Install-Package NtApiDotNet -Version 1.1.28
dotnet add package NtApiDotNet --version 1.1.28
<PackageReference Include="NtApiDotNet" Version="1.1.28" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add NtApiDotNet --version 1.1.28
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

Release Notes

1.1.28
--------
* Added Import-Win32Module and Get-Win32Module.
* Added support for Registry Keys in the NtObjectManager provider.
* Added Get-NtDirectoryEntry.
* Added Win32 CreateRemoteThread.
* Added addition Registry Key functions.
* Added Network Authentication commands.
* Added Authentication Token formatting commands.
* Added new filtering features to TokenViewer.
* Improved cmdlets for getting and setting object information classes.
* Added Add-NtSection and Remove-NtSection.
* Added Compare-NtObject.
* Added Test-NtTokenPrivilege.
* Added type parsing from PDBs via SymbolResolver.
* Added a summary format to Format-NtSecurityDescriptor.
* Added Out-HexDump.
* Added C# compiler support for .NET Core Support of Get-RpcClient.
* Updated New-NtSecurityDescriptor and Edit-NtSecurityDescriptor.
* Basic C++ NDR formatting from irsl@.
* Added Format-NtJob.
* Added New-NtSecurityAttribute and Get-NtAceConditionData.
* Added Device/User Claims to Token Viewer and Format-NtToken.
* Added many different commands to manipulate Security Descriptors.
* Added Win32 Security Descriptor commands.
* Added filtering for accessible path commands.
* Added Audit support.
* Added basic AuthZ API support.
* Added basic ASN.1 DER parsing and Format-ASN1DER command.
* Added Kerberos Keytab file reading and writing.

Dependencies

This package has no dependencies.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories (4)

Showing the top 4 popular GitHub repositories that depend on NtApiDotNet:

Repository Stars
tyranid/oleviewdotnet
A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container
RedCursorSecurityConsulting/CVE-2020-0668
Use CVE-2020-0668 to perform an arbitrary privileged file move operation.
tyranid/WindowsRpcClients
This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System from 7 to Windows 10.
atredispartners/CVE-2018-0952-SystemCollector
PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service

Version History

Version Downloads Last updated
1.1.28 629 6/30/2020
1.1.27 1,084 2/10/2020
1.1.26 360 1/21/2020
1.1.25 223 1/2/2020
1.1.24 263 12/10/2019
1.1.23 435 10/18/2019
1.1.22 1,274 4/30/2019
1.1.21 754 4/23/2019
1.1.20 494 3/9/2019
1.1.19 775 2/4/2019
1.1.18.1 200 2/4/2019
1.1.18 194 2/4/2019
1.1.17 1,475 9/9/2018
1.1.16 626 8/1/2018
1.1.15 606 6/18/2018
1.1.14 583 5/1/2018
1.1.13 521 4/4/2018
1.1.12 664 3/19/2018
1.1.11 528 3/4/2018
1.1.10 776 3/1/2018
1.1.9 949 2/22/2018
1.1.8 707 2/6/2018
1.1.7 998 1/11/2018
1.1.6 457 12/3/2017
1.1.5 468 11/23/2017
1.1.4 572 11/14/2017
1.1.3 622 11/5/2017
1.1.2 697 10/11/2017
1.1.1 603 8/30/2017
1.1.0 366 8/30/2017
1.0.9 387 8/19/2017
1.0.8 493 8/7/2017
1.0.7 486 6/14/2017
1.0.4 409 5/17/2017