apriorit / APIHookingLibraries
Samples that shows how to use API Hook libraries: Detours, Deviare, MHook, EasyHook to hide files with the "+/*.txt" file name pattern.
☆12Updated 2 years ago
Alternatives and similar repositories for APIHookingLibraries:
Users that are interested in APIHookingLibraries are comparing it to the libraries listed below
- Add a new section in the PE file, and copy old import descriptor to the new section then insert a new dll file into the import directory.☆9Updated 3 years ago
- ☆31Updated 4 years ago
- A manual PE mapping implementation, aka reflective loader☆19Updated 2 years ago
- Compile-Time Calls Obfuscator for C++14+☆43Updated last year
- Protected Process Light Library☆18Updated 4 years ago
- Load Dll into Kernel space☆38Updated 2 years ago
- direct systemcalls with a modern c++20 interface.☆42Updated 2 years ago
- Reverse Socks5 proxy for windows☆13Updated 2 years ago
- ☆26Updated 7 years ago
- ☆47Updated 2 years ago
- Record & prevent file deletion in kernel mode☆42Updated 4 years ago
- PEBFake(修改PEB 伪装当前进程路径、参数等)☆51Updated 4 years ago
- Injector with kernel power☆16Updated 4 years ago
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆60Updated 7 months ago
- Samples from my book Windows Native API programming☆61Updated 3 weeks ago
- Easy to include string and wstring obfuscation☆18Updated 3 years ago
- research revolving the windows filtering platform callout mechanism☆31Updated 10 months ago
- Debug Print viewer (user and kernel)☆66Updated last year
- A library with four different methods to execute shellcode in a process☆24Updated 5 years ago
- Static Library For Windows Drivers☆33Updated 2 months ago
- sc4cpp is a shellcode framework based on C++☆88Updated 3 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆48Updated 2 years ago
- ☆24Updated 6 years ago
- A stack and register based virtual machine which can compile and execute arbitrary code in runtime☆44Updated last month
- bootkit驱动映射,三环进程注入加载指定模块☆12Updated 6 months ago
- Different API Hooking Techniques - Ring3 (Detours, Trampoline, IAT and EAT) for both, x64 and x32 PE files - Since 2014.☆16Updated 3 months ago
- Hook NtDeviceIoControlFile with PatchGuard☆105Updated 2 years ago
- Example of hijacking system calls via function pointer tables☆31Updated 3 years ago
- Force a file delete using a windows kernel driver☆64Updated 2 years ago
- handle elevation using bedaisy.☆12Updated 4 years ago