Benefits of Using APIs

WinApis are generally better than using commands to execute code or to gather info. The Pros of using APIs are: 
1.Bypass command line logging(Defender may look specifically at LOLBins)
2.Confuse our activity with regular applications
3.May have additional functionality or for compatibility reasons
Here are some code snippets of using APIs for persistence:
Service Creation
SC_HANDLE hManager = OpenSCManager( NULL, NULL, SC_MANAGER_ALL_ACCESS );
SC_HANDLE service = CreateService(
    hManager,
    "ServiceName",
    "Display Name",
    GENERIC_READ | GENERIC_EXECUTE,
    SERVICE_WIN32_OWN_PROCESS,
    SERVICE_AUTO_START,
    SERVICE_ERROR_IGNORE,
    "C:\\Windows\\System32\\cmd.exe",
    NULL, NULL, NULL, NULL, NULL
);
​
Pivoting
Thread-less Payload Execution
Last modified 1yr ago