Alternatives and similar repositories for Win32kHooker

Users that are interested in Win32kHooker are comparing it to the libraries listed below

• MM0x02 / RSS-Push

  View on GitHub
  ☆14Updated this week
• wolfcod / beacondbg

  View on GitHub
  Beacon Debugger
  ☆55Oct 28, 2024Updated last year
• bitbank2 / zlib_turbo

  View on GitHub
  Optimized zlib inflate (+gzip) library for embedded
  ☆39Jul 15, 2024Updated last year
• brew02 / BudgetEPT

  View on GitHub
  Create stealthy, inline, EPT-like hooks using SMAP and SMEP
  ☆60Oct 19, 2024Updated last year
• yxlnqs / Diviner-full-emu-

  View on GitHub
  DMA Firmware
  ☆16Jun 25, 2024Updated last year
• bitStream93 / Shellcode-Test-Harness

  View on GitHub
  A lightweight test harness designed to speed up shellcode development by providing an execution environment with integrated crash diagnos…
  ☆42Jan 15, 2026Updated last month
• DaedalusFrame / Nemesis

  View on GitHub
  Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…
  ☆36Dec 17, 2025Updated last month
• ShallowFeather / KDemu

  View on GitHub
  A Windows Kernel Driver Emulator base on Unicorn, Kernel Memory Dump and some of native environment
  ☆162Jan 15, 2026Updated last month
• tringi / win32-iocp-events

  View on GitHub
  Example of waiting for Event Objects by associating them with a I/O Completion Port (IOCP), effectively lifting MAXIMUM_WAIT_OBJECTS (64)…
  ☆41Oct 14, 2024Updated last year
• NioZow / Imperium

  View on GitHub
  A C++/Asm template for PIC/EXE/DLL malware
  ☆24Aug 12, 2025Updated 6 months ago
• strozfriedberg / EDRSilencer-BOF

  View on GitHub
  Port of the EDRSilencer tool (https://github.com/netero1010/EDRSilencer) to BOF format
  ☆32Oct 22, 2024Updated last year
• Peribunt / VPGATHER

  View on GitHub
  Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …
  ☆53Dec 30, 2025Updated last month
• SamuelTulach / HookGuard

  View on GitHub
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆225Jan 24, 2025Updated last year
• souzomain / Packer

  View on GitHub
  Packer is a compact, fast and crosss-platform serialization library for store data in a buffer
  ☆22Aug 5, 2023Updated 2 years ago
• NioZow / bof-collection

  View on GitHub
  ☆21Feb 22, 2025Updated 11 months ago
• Msgun / socks5

  View on GitHub
  reverse proxy server
  ☆19Jul 7, 2016Updated 9 years ago
• irql / nokd

  View on GitHub
  reverse engineering of the windows nt kernel debugger protocol & reimplementation.
  ☆36Jul 2, 2024Updated last year
• m3rcer / IRvana

  View on GitHub
  Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution
  ☆130Dec 24, 2025Updated last month
• DErDYAST1R / FnSDK

  View on GitHub
  My Fortnite Cheat SDK
  ☆27Oct 21, 2024Updated last year
• synacktiv / windows_kernel_shadow_stack

  View on GitHub
  Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.
  ☆53Jun 2, 2025Updated 8 months ago
• zhuhuibeishadiao / PatchGuardResearch

  View on GitHub
  win10 pgContext dynamic dump (btc version)
  ☆110Jan 15, 2020Updated 6 years ago
• SamuelTulach / SecureFakePkg

  View on GitHub
  Simple EFI runtime driver that hooks GetVariable function and returns data expected by Windows to make it think that it's running with se…
  ☆215Oct 1, 2021Updated 4 years ago
• DErDYAST1R / NmiCallbackBlocker

  View on GitHub
  Kernel Level NMI Callback Blocker
  ☆160Sep 27, 2025Updated 4 months ago
• build-cpp / wdk_template

  View on GitHub
  Windows kernel driver template for cmkr (with testsigning).
  ☆36Jul 8, 2023Updated 2 years ago
• FlR0X / Discord-Overlay-Hijack-External

  View on GitHub
  hijacks the discord overlay and draws imgui inside of it while remaining flagless due to the discord overlay devs being retarded
  ☆17Apr 29, 2025Updated 9 months ago
• NoviceLevel / Pcileech-QuantumStealth-Max

  View on GitHub
  let's explore the structure of holography。让我们探索‘全息’技术的结构
  ☆29Aug 7, 2025Updated 6 months ago
• F0RSV1NNA / DMA-Templates

  View on GitHub
  A Template for DMA Projects
  ☆35Jul 9, 2024Updated last year
• Idov31 / EtwLeakKernel

  View on GitHub
  Leaking kernel addresses from ETW consumers. Requires Administrator privileges.
  ☆91Nov 6, 2025Updated 3 months ago
• pTerrance / alpc-km-um

  View on GitHub
  POC usermode <=> kernel communication via ALPC.
  ☆70Jun 6, 2024Updated last year
• wjcsharp / Common

  View on GitHub
  Shareds for kernel developement
  ☆29Dec 23, 2013Updated 12 years ago
• TaoistBrickscarrier / SPIRemove

  View on GitHub
  进程内优雅地拦截SPI/LSP模块。 Manage SPI/LSP in a graceful way within private process.
  ☆11Dec 28, 2017Updated 8 years ago
• outflanknl / macho-loader

  View on GitHub
  ☆102Sep 5, 2024Updated last year
• JustasMasiulis / rep_mov_ept_detecc

  View on GitHub
  ☆94Oct 25, 2025Updated 3 months ago
• winterknife / EVENSTAR

  View on GitHub
  Intel 64/Windows low-level experiments
  ☆63Aug 25, 2025Updated 5 months ago
• Friends-Security / RedirectThread

  View on GitHub
  Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…
  ☆198Jun 17, 2025Updated 7 months ago
• Octoberfest7 / JumpSession_BOF

  View on GitHub
  Beacon Object File allowing creation of Beacons in different sessions.
  ☆82May 23, 2022Updated 3 years ago
• SamuelTulach / LightHook

  View on GitHub
  Single-header, minimalistic, cross-platform hook library written in pure C
  ☆374Jan 3, 2026Updated last month
• klezVirus / ThreadPoolExecChain

  View on GitHub
  A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack
  ☆97Dec 22, 2025Updated last month
• Mowokuma / vm_str.hpp

  View on GitHub
  vm_str.hpp is a header only string obfuscator.
  ☆105Aug 24, 2025Updated 5 months ago