Sentinel-One / minhook
The Minimalistic x86/x64 API Hooking Library for Windows
☆32Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for minhook
- PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls☆39Updated 9 years ago
- ☆33Updated 7 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆59Updated 8 years ago
- ☆49Updated 4 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆26Updated 7 years ago
- PoC for detecting and dumping process hollowing code injection☆50Updated 6 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆54Updated 6 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- Brand New Code Injection for Windows https://breakingmalware.com/injection-techniques/atombombing-brand-new-code-injection-for-windows☆18Updated 8 years ago
- Use NT Native Registry API to create a registry that normal user can not query.☆53Updated 6 years ago
- A simple tool to view important DLL Characteristics and change DEP and ASLR☆45Updated 6 years ago
- Process reimaging proof of concept code☆95Updated 5 years ago
- Public repository for HEVD exploits☆20Updated 6 years ago
- ☆35Updated 5 years ago
- DLL Injection Library & Tools☆70Updated 8 years ago
- ☆73Updated 6 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆75Updated 9 years ago
- Blog posts☆30Updated 4 years ago
- Use WinDBG to trace the Windows API calls of any Portable Executable file☆30Updated 7 years ago
- CAPE monitor DLLs☆38Updated 4 years ago
- User-mode hook bypassing method☆32Updated 8 years ago
- ☆16Updated 4 years ago