A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks
☆28 · Feb 3, 2024 · Updated 2 years ago
Alternatives and similar repositories for InstrumentationCallbacks
Users that are interested in InstrumentationCallbacks are comparing it to the libraries listed below
- ☆37 · Sep 26, 2024 · Updated last year
- Windows 10/11 unsigned kernel driver load/debugging ☆17 · Feb 17, 2023 · Updated 3 years ago
- clearing traces of a loaded driver ☆47 · Jul 2, 2022 · Updated 3 years ago
- Inject dll to process in driver ☆10 · Aug 27, 2024 · Updated last year
- Nightshade is a Windows Memory Manipulation library specifically for injecting DLLs and Game Hacking ☆13 · Dec 12, 2022 · Updated 3 years ago
- Load and execute a common object file format (COFF) in the current process ☆32 · Mar 9, 2024 · Updated last year
- Intraceptor intercepts Windows NT API calls and redirects them to a kernel driver to bypass process/threads handle protections. ☆32 · May 18, 2022 · Updated 3 years ago
- A lock-free, high-performance logging system designed for Windows kernel drivers ☆24 · Mar 11, 2025 · Updated 11 months ago
- Bring Your Own Vulnerable Driver for PatchGuard & Driver Signature Enforcement ☆14 · Apr 6, 2024 · Updated last year
- Rootkit and anti-rootkit on Windows platform ☆14 · Apr 30, 2024 · Updated last year
- Some drivers I've written while solving exercises from Practical Reverse Engineering ☆15 · Jan 9, 2022 · Updated 4 years ago
- Unmask real IP address of a domain hidden behind Cloudflare by IPs bruteforcing ☆25 · Dec 3, 2024 · Updated last year
- Yet another windows syscall library ☆18 · Jun 22, 2020 · Updated 5 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system ☆21 · Nov 28, 2025 · Updated 3 months ago
- filter driver to hide files and directories ☆25 · Feb 12, 2024 · Updated 2 years ago
- Collection of shellcode injection and execution techniques ☆18 · Aug 21, 2025 · Updated 6 months ago
- Use WordPress pingback.ping to transfer files. ☆16 · Feb 25, 2024 · Updated 2 years ago
- Dll injection through code page id modification in registry. Based on jonas lykk research ☆17 · Jun 18, 2022 · Updated 3 years ago
- Kernel module that allows hiding files in any filesystem ☆23 · Dec 20, 2024 · Updated last year
- ☆15 · Dec 16, 2020 · Updated 5 years ago
- Unpacker for donut shellcode ☆21 · Jun 20, 2020 · Updated 5 years ago
- Map a driver into session space ☆38 · Aug 27, 2022 · Updated 3 years ago
- Some detection for Windows rootkits, covering three aspects: processes, ports, and files. ☆21 · Jan 16, 2025 · Updated last year
- Stealing signatures from pe files ☆15 · Apr 1, 2025 · Updated 10 months ago
- An advanced DKOM for drivers with "DRIVER_OBJECT" ☆22 · Feb 19, 2023 · Updated 3 years ago
- Helper functions for calculating the authenticode digest for a portable executable file ☆21 · Apr 30, 2020 · Updated 5 years ago
- Win32 keylogger that supports all (non-ime using) languages correctly ☆53 · Dec 21, 2023 · Updated 2 years ago
- Audiodg.exe DLL hijacking for LPE with reboot-free restart primitive. Executes code as LOCAL SERVICE, escalates to SYSTEM via Scheduled T… ☆88 · Jan 24, 2026 · Updated last month
- IDA countermeasure for junk instructions, written against the IDA 7.5 SDK ☆19 · Jan 22, 2024 · Updated 2 years ago
- ntoskrnl .data hooks for UM-KM communication ☆54 · May 26, 2024 · Updated last year
- ☆56 · Nov 21, 2022 · Updated 3 years ago
- Explore and filter your GitHub starred repositories ☆25 · Dec 5, 2023 · Updated 2 years ago
- Rust template/library for implementing your own COFF loader ☆72 · Jan 27, 2025 · Updated last year
- EFI bootkit for loading unsigned drivers ☆37 · Jun 28, 2024 · Updated last year
- pdb downloader ☆31 · Feb 27, 2024 · Updated 2 years ago
- silence file system monitoring components by hooking their minifilters ☆60 · Jan 31, 2024 · Updated 2 years ago
- Made by scammer so I leak for free! have fun ☆56 · Feb 26, 2023 · Updated 3 years ago
- Compile-time string obfuscation to ensure the generated PE binary does not expose plaintext strings. (C++14 and above) ☆29 · Sep 30, 2021 · Updated 4 years ago
- Injects position-dependent code into a code cave in an executable file, and applies relocations. ☆26 · May 12, 2023 · Updated 2 years ago