0ffffffffh/system_call_hook_win10_1903 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

0ffffffffh/system_call_hook_win10_1903

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/0ffffffffh/system_call_hook_win10_1903)

Close

0ffffffffh / system_call_hook_win10_1903View on GitHubMore

• External links
• Readme badge

This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness

☆58Sep 12, 2019Updated 6 years ago

Alternatives and similar repositories for system_call_hook_win10_1903

Users that are interested in system_call_hook_win10_1903 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Rat431 / ColdKernel_KUSER

  View on GitHub
  A simple kernel mode driver that hooks some values at the KUSER_SHARED_DATA structure.
  ☆27Jan 7, 2020Updated 6 years ago
• yjugl / mitimon

  View on GitHub
  Monitor ETW events for Windows process mitigation policies, with stack traces
  ☆31Oct 7, 2022Updated 3 years ago
• anzelesnik / MySyscall

  View on GitHub
  Example of hijacking system calls via function pointer tables
  ☆31Jun 26, 2021Updated 4 years ago
• wbenny / EtwConsumerNT

  View on GitHub
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆146Feb 23, 2019Updated 7 years ago
• Zero-Tang / SimpleWhpDemo

  View on GitHub
  Simple Demo of using Windows Hypervisor Platform
  ☆29Jul 14, 2025Updated 8 months ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• amiryeshurun / HyperWin-Communication-Driver

  View on GitHub
  A driver that supports communication between a Windows guest and HyperWin
  ☆15Jan 6, 2021Updated 5 years ago
• Ynob2000 / pvC

  View on GitHub
  ☆15Oct 7, 2020Updated 5 years ago
• Lima-X / Singularity

  View on GitHub
  x64 PE-COFF virtualization driven obfuscation engine
  ☆58Oct 14, 2022Updated 3 years ago
• zhuhuibeishadiao / PatchGuardResearch

  View on GitHub
  win10 pgContext dynamic dump (btc version)
  ☆110Jan 15, 2020Updated 6 years ago
• yardenshafir / DpcWait

  View on GitHub
  Driver demonstrating how to register a DPC to asynchronously wait on an object
  ☆51Jan 15, 2021Updated 5 years ago
• Nerlant / SyscallDumper

  View on GitHub
  ☆19Jun 20, 2019Updated 6 years ago
• ajkhoury / pubg_internal

  View on GitHub
  ☆31Oct 1, 2021Updated 4 years ago
• KelvinMsft / NoTruth

  View on GitHub
  ☆99Oct 6, 2017Updated 8 years ago
• rbapat / KernelInjector

  View on GitHub
  Stealthy Injector that leverages a vulnerable driver and other exploits to remain undetected
  ☆37Dec 10, 2018Updated 7 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• gigabitwize / dank

  View on GitHub
  Driver Loader/BE Bypass/Win Malware(lol)
  ☆36Jun 25, 2019Updated 6 years ago
• moccajoghurt / MemWars

  View on GitHub
  ☆44Oct 7, 2018Updated 7 years ago
• DownWithUp / ALPC-Example

  View on GitHub
  An example of a client and server using Windows' ALPC functions to send and receive data.
  ☆118Jan 21, 2025Updated last year
• KelvinMsft / Notes

  View on GitHub
  Open Course for diving security internal
  ☆52Nov 11, 2019Updated 6 years ago
• thesecretclub / window_hijack

  View on GitHub
  Rendering on external windows via hijacking thread contexts
  ☆406Jun 28, 2020Updated 5 years ago
• avakar / vcrtl

  View on GitHub
  C++ Exceptions in Windows Drivers
  ☆223Dec 21, 2020Updated 5 years ago
• alfarom256 / UserVAtoPhysical

  View on GitHub
  Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address
  ☆23Nov 22, 2021Updated 4 years ago
• maxkray13 / Cvc

  View on GitHub
  Communication via callback
  ☆73Oct 9, 2019Updated 6 years ago
• 0xcpu / ExecutiveCallbackObjects

  View on GitHub
  Research on Windows Kernel Executive Callback Objects
  ☆316Feb 22, 2020Updated 6 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• cs1ime / DICHook

  View on GitHub
  Hook NtDeviceIoControlFile with PatchGuard
  ☆107May 10, 2022Updated 3 years ago
• aaaddress1 / wow64Jit

  View on GitHub
  Call 32bit NtDLL API directly from WoW64 Layer
  ☆62Nov 18, 2020Updated 5 years ago
• niemand-sec / Reversing-XignCode3-Driver

  View on GitHub
  I'm going to be dropping code from the XC3 Driver (result of reversing the driver)
  ☆72Jan 31, 2020Updated 6 years ago
• tcpie / hook_any_x64

  View on GitHub
  Easily hook WIN32 x64 functions
  ☆18Feb 19, 2025Updated last year
• MiroKaku / Learning-Example

  View on GitHub
  For Example. See Miro's Blog
  ☆30Nov 26, 2022Updated 3 years ago
• fengjixuchui / CodaPinTracer

  View on GitHub
  Lightweight WINAPI tracing with Pin
  ☆27Aug 22, 2019Updated 6 years ago
• BrunoMCBraga / Kernel-Whisperer

  View on GitHub
  ☆29Jan 15, 2021Updated 5 years ago
• turingcompl33t / windows-internals

  View on GitHub
  Exploring Windows Internals.
  ☆64Aug 18, 2020Updated 5 years ago
• NoMercy-ac / SystemHealthCheck

  View on GitHub
  Windows system repair tool
  ☆18Jun 2, 2021Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• 0xcpu / WinAltSyscallHandler

  View on GitHub
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆241Nov 6, 2019Updated 6 years ago
• POPFD / HypervisorBase

  View on GitHub
  A library for intel VT-x hypervisor functionality supporting EPT shadowing.
  ☆51Mar 11, 2021Updated 5 years ago
• alfarom256 / MinifilterResearch

  View on GitHub
  ☆17Oct 31, 2022Updated 3 years ago
• anzelesnik / SyscallHook

  View on GitHub
  System call hook for Windows 10 20H1
  ☆495Jun 26, 2021Updated 4 years ago
• trashvisor / Trashvisor

  View on GitHub
  The trashvisor
  ☆12Oct 25, 2020Updated 5 years ago
• Vicshann / GInjer

  View on GitHub
  Global DLL injector
  ☆71May 16, 2021Updated 4 years ago
• zouxianyu / KernelHiddenExecute

  View on GitHub
  Hide codes/data in the kernel address space.
  ☆187May 8, 2021Updated 4 years ago