Windows Anti-Rootkit Tool
☆545Dec 31, 2025Updated 2 months ago
Alternatives and similar repositories for WinArk
Users that are interested in WinArk are comparing it to the libraries listed below
Sorting:
- Radical Windows ARK☆251Apr 18, 2025Updated 10 months ago
- The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.☆407Jul 12, 2024Updated last year
- ☆223Mar 11, 2023Updated 2 years ago
- InfinityHookPro Win7 -> Win11 latest☆551Feb 7, 2023Updated 3 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆109Sep 1, 2022Updated 3 years ago
- Collection of undocumented Windows API declarations.☆343Jan 22, 2026Updated last month
- a debugger use vt technology☆356Jun 30, 2022Updated 3 years ago
- a Windows kernel Pdb parsing and downloading library that running purely in kernel mode without any R3 programs.☆176Sep 13, 2024Updated last year
- Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB☆118May 29, 2025Updated 8 months ago
- 从MmPfnData中枚举进程和页目录基址☆205Aug 18, 2023Updated 2 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).☆284Jan 27, 2025Updated last year
- Lightweight Intel VT-x Hypervisor.☆661Dec 17, 2024Updated last year
- Kernel-Mode extended version of https://github.com/microsoft/Detours☆180Jun 1, 2025Updated 8 months ago
- ☆307May 11, 2023Updated 2 years ago
- Turn off PatchGuard in real time for win7 (7600) ~ later☆1,037Apr 21, 2022Updated 3 years ago
- ☆144Dec 10, 2022Updated 3 years ago
- The program draws with win32k gdi functions in the kernel while NtGdiDdDDISubmitCommand is being hooked.☆344Apr 27, 2020Updated 5 years ago
- System call hook for Windows 10 20H1☆496Jun 26, 2021Updated 4 years ago
- an encryption library designed for Windows kernel and driver programming☆123Aug 4, 2023Updated 2 years ago
- a monitoring windows driver calls kernel api tools☆126Jul 5, 2024Updated last year
- Kernel Anit Anit Debug Plugins 内核反反调试插件☆479Aug 31, 2021Updated 4 years ago
- ☆174Mar 9, 2022Updated 3 years ago
- Hook system calls on Windows by using Kaspersky's hypervisor☆1,278Feb 14, 2026Updated last week
- query-pdb is a server-side software for parsing PDB files. The software provides PDB online parsing service.☆168Oct 27, 2025Updated 4 months ago
- ☆225Feb 21, 2023Updated 3 years ago
- ☆193May 1, 2023Updated 2 years ago
- 将shellcode注入dwm.exe以进行屏幕截取☆356Mar 22, 2022Updated 3 years ago
- Hypervisor based anti anti debug plugin for x64dbg☆1,559Jul 8, 2024Updated last year
- KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK☆541Sep 2, 2022Updated 3 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- Kernel driver that .text hooks a syscall in dxgkrnl.sys which can be called from our user-mode client to send instructions like rpm/wpm a…☆207Dec 16, 2022Updated 3 years ago
- It's a minifilter used for transparent-encrypting.☆343Jul 28, 2025Updated 7 months ago
- A free but powerful Windows kernel research tool.☆2,650Dec 14, 2025Updated 2 months ago
- Windows kernel hacking framework, driver template, hypervisor and API written on C++☆1,803Nov 12, 2023Updated 2 years ago
- Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent☆628Dec 26, 2024Updated last year
- Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.☆915Dec 29, 2025Updated 2 months ago
- WKTools Is a Power Windows Kernel Tools☆348Apr 25, 2025Updated 10 months ago
- kHypervisor is a lightweight bluepill-like nested VMM for Windows, it provides and emulating a basic function of Intel VT-x☆443Nov 29, 2021Updated 4 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆632Mar 19, 2019Updated 6 years ago