Scans all modules in target process for jmp/int3 hooks dissassembles then and follows jmps to destination.
☆85Nov 5, 2023Updated 2 years ago
Alternatives and similar repositories for hook-scanner
Users that are interested in hook-scanner are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Helps to find patched modules☆31Oct 26, 2020Updated 5 years ago
- Hijack NotifyRoutine for a kernelmode thread☆40Jun 4, 2022Updated 4 years ago
- POC Hook of nt!HvcallCodeVa☆55May 8, 2023Updated 3 years ago
- ☆133Aug 6, 2022Updated 3 years ago
- Analyze patches in a process☆262Jul 28, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Drawing from kernelmode without any hooks☆177Jul 7, 2022Updated 3 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆56May 23, 2022Updated 4 years ago
- base for testing☆192Sep 28, 2024Updated last year
- Convert any binary to a C-style array☆24Aug 24, 2021Updated 4 years ago
- ☆47Feb 27, 2022Updated 4 years ago
- Anti-anti-debug: reset ThreadHideFromDebugger☆16Nov 25, 2021Updated 4 years ago
- usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …☆491Jan 3, 2022Updated 4 years ago
- ☆159May 21, 2024Updated 2 years ago
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy☆83Oct 6, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- comparing data of module exports from disk and memory, then caching any differences.☆26Dec 11, 2021Updated 4 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆119Feb 8, 2022Updated 4 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆371Aug 18, 2022Updated 3 years ago
- eac memory sig maker☆14Jun 10, 2021Updated 5 years ago
- Simple memory obfuscator.☆23Jul 21, 2022Updated 3 years ago
- undetected eac mapper☆169May 3, 2022Updated 4 years ago
- This tool will allow you to spoof the return addresses of your functions as well as system functions.☆573Nov 12, 2022Updated 3 years ago
- hook detector☆31Nov 4, 2021Updated 4 years ago
- A simple way to spoof return addresses using an exception handler☆45Aug 3, 2022Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Stealing signatures from pe files☆15Apr 1, 2025Updated last year
- ☆223May 10, 2022Updated 4 years ago
- ☆46Oct 19, 2021Updated 4 years ago
- Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.☆401Aug 8, 2021Updated 4 years ago
- Easy Anti PatchGuard☆221Apr 9, 2021Updated 5 years ago
- ☆147Jan 24, 2024Updated 2 years ago
- driver manual mapper powered by https://github.com/estimated1337/lenovo_exec☆118Dec 28, 2022Updated 3 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆632Mar 19, 2019Updated 7 years ago
- 09/2021 reversal of EasyAntiCheat driver☆243Dec 21, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- UD overlay using SetWindowsHookEx☆17Apr 29, 2022Updated 4 years ago
- Figuring out the cause of a handle downgrade☆24Dec 13, 2022Updated 3 years ago
- A mapper that maps shellcode into loaded large page drivers☆359Apr 26, 2022Updated 4 years ago
- ☆63Jul 31, 2022Updated 3 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆152Feb 12, 2022Updated 4 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆221Nov 12, 2020Updated 5 years ago
- ☆143Jan 13, 2021Updated 5 years ago