Alternatives and similar repositories for KasperskyHook

Users that are interested in KasperskyHook are comparing it to the libraries listed below

• ZeroMemoryEx / TrampHook
  Simple x86 Trampoline Hook
  ☆40Updated 2 years ago
• NUL0x4C / RecycleBinPersistence
  using the Recycle Bin to insure persistence
  ☆12Updated 2 years ago
• buzzer-re / BulletTrain
  A manual PE mapping implementation, aka reflective loader
  ☆19Updated 2 years ago
• Lima-X / Win32.Nebula
  A packed & protected Module Loader and more, for 64-bit Windows
  ☆29Updated 4 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆29Updated last year
• ZeroMemoryEx / Hooks_Hunter
  Simple API Hooks detector
  ☆73Updated 2 years ago
• samshine / ScyllaHideDetector2
  Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
  ☆25Updated 5 years ago
• TRIKbranch / RunPE-X86--X64-
  With this RunPE you can easily inject your payload in any x86 or x64 program.
  ☆14Updated 5 years ago
• Jasper1467 / WindowsDefender_Rebuild
  An attempt at reversing WindowsDefender
  ☆20Updated 7 months ago
• cocomelonc / 2022-01-14-malware-injection-13
  Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example
  ☆17Updated 3 years ago
• backengineering / msrexec
  Elevate arbitrary MSR writes to kernel execution.
  ☆35Updated last year
• Lima-X / XOrCryptEx
  XOrCryptEx lightweight C Utility/Algorithm
  ☆11Updated 3 years ago
• x0reaxeax / rwlazer64
  Win64 UEFI Driver-based tool for unrestricted memory R/W
  ☆26Updated 3 years ago
• XaFF-XaFF / MBR-Overwrite-with-custom-message
  Overwrite MBR and add own custom message
  ☆17Updated 5 years ago
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆48Updated 2 years ago
• AlSch092 / ModifyExports
  Research of modifying exported function names at runtime (C/C++, Windows)
  ☆17Updated 11 months ago
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆53Updated 2 years ago
• ByteWhite1x1 / PatchGuardResearch
  Bypassing kernel patch protection runtime
  ☆20Updated 2 years ago
• lennyRBLX / ret_addr_spoofer
  Compileable POC of namazso's x64 return address spoofer.
  ☆52Updated 4 years ago
• benheise / bootkit
  UEFI bootkit: Hardware Implant. In-Progress
  ☆16Updated 3 years ago
• ioncodes / pooldump
  ☆29Updated 3 years ago
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆41Updated 2 years ago
• boom-cr3 / NotifyRoutineHijackThread
  Hijack NotifyRoutine for a kernelmode thread
  ☆42Updated 2 years ago
• d35ha / PEReflectiveInjection
  Remote PE reflective injection with a simple reflective loader
  ☆31Updated 5 years ago
• kkent030315 / anyelevate
  x64 Windows privilege elevation using anycall
  ☆21Updated 3 years ago
• ryan-weil / Code-Cave
  Injects position-dependent code into a code cave in an executable file, and applies relocations.
  ☆22Updated 2 years ago
• zero2504 / Shadow-Rebirth
  Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique
  ☆11Updated 5 months ago
• Flerov / EAKC-EnumAllKernelCallbacks
  Enumerate Callbacks and all Object Types
  ☆13Updated 2 years ago
• veil-ivy / kapc_injector
  kernel to user mode APC injector
  ☆44Updated 3 years ago
• MahmoudZohdy / Anti-Analysis-DebuggerInjection
  Anti-Analysis technique, trick the debugger by Hiding events from it.
  ☆19Updated 3 years ago