KANKOSHEV/Detect-KeAttachProcess external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

KANKOSHEV/Detect-KeAttachProcess

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/KANKOSHEV/Detect-KeAttachProcess)

Close

KANKOSHEV / Detect-KeAttachProcessView on GitHubMore

• External links
• Readme badge

Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.

☆121Feb 8, 2022Updated 4 years ago

Alternatives and similar repositories for Detect-KeAttachProcess

Users that are interested in Detect-KeAttachProcess are comparing it to the libraries listed below

• KANKOSHEV / Detect-HiddenThread-via-KPRCB

  View on GitHub
  Detect removed thread from PspCidTable.
  ☆75Mar 18, 2022Updated 4 years ago
• EBalloon / MapPage

  View on GitHub
  Mapping your code on a 0x1000 size page
  ☆71May 20, 2022Updated 3 years ago
• KANKOSHEV / Detect-MouseClassServiceCallback

  View on GitHub
  mouseclassservicecallback detection via hook
  ☆52Feb 7, 2022Updated 4 years ago
• armasm / EasyAntiPatchGuard

  View on GitHub
  Easy Anti PatchGuard
  ☆223Apr 9, 2021Updated 4 years ago
• weak1337 / CEDetector

  View on GitHub
  ☆47Feb 27, 2022Updated 4 years ago
• EBalloon / Rw-No-Attach

  View on GitHub
  ☆158May 21, 2024Updated last year
• KANKOSHEV / NoScreen

  View on GitHub
  Hiding the window from screenshots using the function win32kfull::GreProtectSpriteContent
  ☆638Dec 26, 2024Updated last year
• ekknod / Nmi

  View on GitHub
  Old way for blocking NMI interrupts
  ☆29Sep 6, 2022Updated 3 years ago
• weak1337 / BE-Shellcode

  View on GitHub
  Code for Battleyes shellcode
  ☆237Nov 11, 2021Updated 4 years ago
• muturikaranja / kernel-windowless-wndproc-hook

  View on GitHub
  hooks gServerHandlers xxxEventWndProc
  ☆13May 1, 2022Updated 3 years ago
• weak1337 / NO_ACCESS_Protection

  View on GitHub
  ☆192Dec 8, 2021Updated 4 years ago
• kkent030315 / CiGetCertPublisherName

  View on GitHub
  An example code of CiGetCertPublisherName
  ☆16Mar 24, 2022Updated 3 years ago
• SamuelTulach / meme-rw

  View on GitHub
  Archive R/W into any protected process by changing the value of KTHREAD->PreviousMode
  ☆163Jul 31, 2022Updated 3 years ago
• Sinclairq / hierarchy-eac

  View on GitHub
  Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy
  ☆83Oct 6, 2022Updated 3 years ago
• MapleSwan / PageTableHook

  View on GitHub
  ☆144Dec 10, 2022Updated 3 years ago
• ekknod / SetWindowHookEx

  View on GitHub
  Using SetWindowHookEx for preinjected DLL's
  ☆57Aug 25, 2022Updated 3 years ago
• ekknod / acdrv

  View on GitHub
  base for testing
  ☆187Sep 28, 2024Updated last year
• charliewolfe / PointerGuard

  View on GitHub
  PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…
  ☆57May 23, 2022Updated 3 years ago
• boom-cr3 / VTableKFunctionHook

  View on GitHub
  This project will give you an example how you can hook a kernel vtable function that cannot be directly called
  ☆84Dec 25, 2021Updated 4 years ago
• 0xf1a / DSMM

  View on GitHub
  Discarded Section Manual Map
  ☆70Jun 18, 2020Updated 5 years ago
• muturikaranja / overlay

  View on GitHub
  UD overlay using SetWindowsHookEx
  ☆16Apr 29, 2022Updated 3 years ago
• waryas / KACE

  View on GitHub
  Emulate Drivers in RING3 with self context mapping or unicorn
  ☆366Aug 18, 2022Updated 3 years ago
• helloobaby / pdbtoheader

  View on GitHub
  pdb's function and global vars to offset
  ☆10Apr 11, 2023Updated 2 years ago
• FiYHer / InfinityHookPro

  View on GitHub
  InfinityHookPro Win7 -> Win11 latest
  ☆553Feb 7, 2023Updated 3 years ago
• boom-cr3 / NotifyRoutineHijackThread

  View on GitHub
  Hijack NotifyRoutine for a kernelmode thread
  ☆41Jun 4, 2022Updated 3 years ago
• ch4ncellor / EAC-Reversal

  View on GitHub
  09/2021 reversal of EasyAntiCheat driver
  ☆237Dec 21, 2021Updated 4 years ago
• Deputation / pagewalkr

  View on GitHub
  An x64 page table iterator written in C++ as a kernel mode windows driver.
  ☆119May 25, 2021Updated 4 years ago
• EBalloon / Common-Registry

  View on GitHub
  ☆47Mar 29, 2022Updated 3 years ago
• IcEy-999 / Kernel-Special-APC-ReadProcessMemory

  View on GitHub
  Example of reading process memory through kernel special APC
  ☆111Apr 21, 2023Updated 2 years ago
• cs1ime / DICHook

  View on GitHub
  Hook NtDeviceIoControlFile with PatchGuard
  ☆107May 10, 2022Updated 3 years ago
• thesecretclub / window_hijack

  View on GitHub
  Rendering on external windows via hijacking thread contexts
  ☆404Jun 28, 2020Updated 5 years ago
• Deputation / hygieia

  View on GitHub
  Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.
  ☆151Feb 12, 2022Updated 4 years ago
• btbd / ddma

  View on GitHub
  Disks for DMA
  ☆145Apr 28, 2021Updated 4 years ago
• weak1337 / SkipHook

  View on GitHub
  ☆136Aug 6, 2022Updated 3 years ago
• TygoL / kdmapper-mdl

  View on GitHub
  ☆51Dec 19, 2023Updated 2 years ago
• SamuelTulach / voidmap

  View on GitHub
  Using CVE-2021-40449 to manual map kernel mode driver
  ☆104Mar 5, 2022Updated 4 years ago
• bb107 / RtlWow64

  View on GitHub
  c++ implementation of windows heavens gate
  ☆71Feb 12, 2021Updated 5 years ago
• Compiled-Code / be-injector

  View on GitHub
  ☆224May 10, 2022Updated 3 years ago
• MapleSwan / dwm-overlay

  View on GitHub
  ☆103Mar 26, 2022Updated 3 years ago