DarthTon/Blackbone

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/DarthTon/Blackbone)

DarthTon / Blackbone

Windows memory hacking library

☆5,346

Alternatives and similar repositories for Blackbone

Users that are interested in Blackbone are comparing it to the libraries listed below

Sorting:

DarthTon / Xenos
View on GitHub
Windows dll injector
☆2,490May 17, 2021Updated 4 years ago
everdox / InfinityHook
View on GitHub
Hook system calls, context switches, page faults and more.
☆2,637May 9, 2023Updated 2 years ago
mrexodia / TitanHide
View on GitHub
Hiding kernel-driver for x86/x64.
☆2,619Sep 2, 2025Updated 6 months ago
HoShiMin / Kernel-Bridge
View on GitHub
Windows kernel hacking framework, driver template, hypervisor and API written on C++
☆1,802Nov 12, 2023Updated 2 years ago
tandasat / DdiMon
View on GitHub
Monitoring and controlling kernel API calls with stealth hook using EPT
☆1,358Jan 22, 2022Updated 4 years ago
9176324 / Shark
View on GitHub
Turn off PatchGuard in real time for win7 (7600) ~ later
☆1,037Apr 21, 2022Updated 3 years ago
fancycode / MemoryModule
View on GitHub
Library to load a DLL from memory.
☆3,107Jan 3, 2024Updated 2 years ago
DarthTon / HyperBone
View on GitHub
Minimalistic VT-x hypervisor with hooks
☆931Oct 18, 2019Updated 6 years ago
TsudaKageyu / minhook
View on GitHub
The Minimalistic x86/x64 API Hooking Library for Windows
☆5,574Nov 3, 2025Updated 4 months ago
tandasat / HyperPlatform
View on GitHub
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
☆1,728Nov 24, 2023Updated 2 years ago
wbenny / injdrv
View on GitHub
proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
☆1,270May 1, 2024Updated last year
ayoubfaouzi / al-khaser
View on GitHub
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
☆6,868Updated this week
hfiref0x / KDU
View on GitHub
Kernel Driver Utility
☆2,422Feb 17, 2026Updated 2 weeks ago
JKornev / hidden
View on GitHub
🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc
☆2,005Jul 13, 2022Updated 3 years ago
stevemk14ebr / PolyHook_2_0
View on GitHub
C++20, x86/x64 Hooking Libary v2.0
☆1,822Nov 16, 2025Updated 3 months ago
Mattiwatti / EfiGuard
View on GitHub
Disable PatchGuard and Driver Signature Enforcement at boot time
☆2,295Aug 3, 2025Updated 7 months ago
AxtMueller / Windows-Kernel-Explorer
View on GitHub
A free but powerful Windows kernel research tool.
☆2,654Dec 14, 2025Updated 2 months ago
iPower / KasperskyHook
View on GitHub
Hook system calls on Windows by using Kaspersky's hypervisor
☆1,281Feb 14, 2026Updated 2 weeks ago
TheCruZ / kdmapper
View on GitHub
KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory
☆2,780Dec 23, 2025Updated 2 months ago
stephenfewer / ReflectiveDLLInjection
View on GitHub
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…
☆3,231Sep 3, 2022Updated 3 years ago
JustasMasiulis / lazy_importer
View on GitHub
library for importing functions from dlls in a hidden, reverse engineer unfriendly way
☆1,903Aug 3, 2023Updated 2 years ago
HyperDbg / HyperDbg
View on GitHub
State-of-the-art native debugging tools
☆3,654Feb 24, 2026Updated last week
can1357 / ByePg
View on GitHub
Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.
☆902Nov 21, 2019Updated 6 years ago
ExpLife0011 / awesome-windows-kernel-security-development
View on GitHub
windows kernel security development
☆2,056Sep 6, 2022Updated 3 years ago
monoxgas / sRDI
View on GitHub
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
☆2,503Nov 15, 2023Updated 2 years ago
rwfpl / rewolf-wow64ext
View on GitHub
Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.
☆1,002Jan 17, 2023Updated 3 years ago
hfiref0x / TDL
View on GitHub
Driver loader for bypassing Windows x64 Driver Signature Enforcement
☆1,193Aug 1, 2019Updated 6 years ago
Air14 / HyperHide
View on GitHub
Hypervisor based anti anti debug plugin for x64dbg
☆1,564Jul 8, 2024Updated last year
microsoft / Detours
View on GitHub
Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
☆6,153Dec 15, 2025Updated 2 months ago
x64dbg / ScyllaHide
View on GitHub
Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
☆4,010Jun 4, 2024Updated last year
hzqst / unicorn_pe
View on GitHub
Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.
☆915Dec 29, 2025Updated 2 months ago
hfiref0x / UPGDSED
View on GitHub
Universal PatchGuard and Driver Signature Enforcement Disable
☆861Mar 29, 2019Updated 6 years ago
can1357 / NoVmp
View on GitHub
A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
☆2,083Aug 8, 2021Updated 4 years ago
hfiref0x / WinObjEx64
View on GitHub
Windows Object Explorer 64-bit
☆1,888Updated this week
hasherezade / pe_to_shellcode
View on GitHub
Converts PE into a shellcode
☆2,745Aug 30, 2025Updated 6 months ago
btbd / access
View on GitHub
Access without a real handle
☆1,037Apr 10, 2021Updated 4 years ago
can1357 / ThePerfectInjector
View on GitHub
Literally, the perfect injector.
☆977Apr 13, 2023Updated 2 years ago
hasherezade / pe-sieve
View on GitHub
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
☆3,562Oct 31, 2025Updated 4 months ago
zyantific / zydis
View on GitHub
Fast and lightweight x86/x86-64 disassembler and code generation library
☆4,093Dec 8, 2025Updated 2 months ago