DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
☆53Mar 12, 2024Updated 2 years ago
Alternatives and similar repositories for directntapi
Users that are interested in directntapi are comparing it to the libraries listed below
Sorting:
- fyyre.l2-fashion.de .. old site☆17Apr 27, 2022Updated 3 years ago
- ☆34Jul 28, 2018Updated 7 years ago
- Monitor adapter, Fake DNS, Tunnel, and DHCP combined into one Windows Service☆12Apr 19, 2015Updated 10 years ago
- Shellcode injection using debugging APIs☆19Jan 13, 2014Updated 12 years ago
- ARMv7 detour function for hooking junk (no thumb support, unaligned accesses are not atomic)☆16Feb 5, 2017Updated 9 years ago
- Simple program for static hooking dynamic libraries in executable application☆24Jan 15, 2014Updated 12 years ago
- This project demonstares an illegal read- and write- access to the kernel-mode data for both allocated by 3rd party drivers and EPROCESS …☆13Mar 6, 2018Updated 8 years ago
- ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h☆150Mar 7, 2026Updated 2 weeks ago
- Zerokit shared code☆17Mar 28, 2019Updated 6 years ago
- Component Services Volatile Environment LPE☆12Jun 28, 2025Updated 8 months ago
- Kernel Detective☆151Mar 7, 2026Updated 2 weeks ago
- ☆18Dec 5, 2016Updated 9 years ago
- A sample on how to inject a DLL from a kernel driver☆61Sep 13, 2016Updated 9 years ago
- Simple tool to add imports recovered by VMSweeper (by Vamit) to VMProtect dump file☆14Jun 27, 2017Updated 8 years ago
- x86_x64 emulator☆16Jun 23, 2015Updated 10 years ago
- init☆14Mar 16, 2020Updated 6 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated 3 weeks ago
- HadesMem is a C++-based memory hacking library for Windows based applications, with the goal of providing a safe, generic, powerful, and …☆28Jan 7, 2015Updated 11 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities☆58Sep 22, 2019Updated 6 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- Шаблон полнофункционального драйвера и обёртки над ядерным API☆113Aug 28, 2016Updated 9 years ago
- Display Languages Volatile Environment LPE☆12Jun 28, 2025Updated 8 months ago
- This is a simple driver with x64 inline assembly☆55Jun 26, 2020Updated 5 years ago
- ☆16Jan 27, 2019Updated 7 years ago
- NT reversal☆25Jul 12, 2018Updated 7 years ago
- Reversing and reimplementing "powercfg /requests" using Native API☆30Jul 25, 2024Updated last year
- ☆34Sep 22, 2017Updated 8 years ago
- Wow64 syscall hook☆43May 28, 2017Updated 8 years ago
- Hypervisor based tool for monitoring system register accesses.☆154Sep 13, 2018Updated 7 years ago
- a windows kernel keylogger that works☆20Feb 12, 2024Updated 2 years ago
- PE/PE +(64bit) Viewer (Qt 5.8)☆10Aug 3, 2018Updated 7 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- 2022 Updated Kernelmode-Code☆33Mar 23, 2024Updated last year
- Rootkit。 进程监控。☆11Jul 19, 2016Updated 9 years ago
- ☆15Dec 26, 2017Updated 8 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆182Nov 30, 2017Updated 8 years ago
- Shareds for kernel developement☆29Dec 23, 2013Updated 12 years ago
- An aggregate of tools used in the core of vmp_dbg plus other parsing utils to parse vmp bc.☆16Oct 18, 2016Updated 9 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida.☆53Oct 14, 2018Updated 7 years ago