Scans all modules in target process for jmp/int3 hooks dissassembles then and follows jmps to destination.
☆83Nov 5, 2023Updated 2 years ago
Alternatives and similar repositories for hook-scanner
Users that are interested in hook-scanner are comparing it to the libraries listed below
Sorting:
- Helps to find patched modules☆30Oct 26, 2020Updated 5 years ago
- ☆136Aug 6, 2022Updated 3 years ago
- POC Hook of nt!HvcallCodeVa☆54May 8, 2023Updated 2 years ago
- Drawing from kernelmode without any hooks☆174Jul 7, 2022Updated 3 years ago
- Hijack NotifyRoutine for a kernelmode thread☆41Jun 4, 2022Updated 3 years ago
- Analyze patches in a process☆259Jul 28, 2021Updated 4 years ago
- usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to …☆470Jan 3, 2022Updated 4 years ago
- ☆158May 21, 2024Updated last year
- eac memory sig maker☆14Jun 10, 2021Updated 4 years ago
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy☆83Oct 6, 2022Updated 3 years ago
- base for testing☆186Sep 28, 2024Updated last year
- Convert any binary to a C-style array☆25Aug 24, 2021Updated 4 years ago
- hook detector☆31Nov 4, 2021Updated 4 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆57May 23, 2022Updated 3 years ago
- ☆47Feb 27, 2022Updated 4 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆365Aug 18, 2022Updated 3 years ago
- undetected eac mapper☆170May 3, 2022Updated 3 years ago
- clearing traces of a loaded driver☆47Jul 2, 2022Updated 3 years ago
- mouseclassservicecallback detection via hook☆52Feb 7, 2022Updated 4 years ago
- Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL☆219Nov 12, 2020Updated 5 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.☆121Feb 8, 2022Updated 4 years ago
- A simple external cheat and cheat SDK for Apex legends.☆53May 8, 2022Updated 3 years ago
- This tool will allow you to spoof the return addresses of your functions as well as system functions.☆550Nov 12, 2022Updated 3 years ago
- 09/2021 reversal of EasyAntiCheat driver☆235Dec 21, 2021Updated 4 years ago
- VT Hook☆51Jul 2, 2024Updated last year
- Simple handler for bypass battleye in 5 seconds☆11May 23, 2021Updated 4 years ago
- Stealing signatures from pe files☆15Apr 1, 2025Updated 11 months ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆632Mar 19, 2019Updated 6 years ago
- Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…☆385Jan 29, 2022Updated 4 years ago
- Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver.☆151Feb 12, 2022Updated 4 years ago
- A simple tool to assemble shellcode ready to be copy-pasted into code☆71Jun 13, 2022Updated 3 years ago
- BattlEye kernel module bypass☆178Oct 1, 2022Updated 3 years ago
- ☆146Jan 13, 2021Updated 5 years ago
- ☆224May 10, 2022Updated 3 years ago
- comparing data of module exports from disk and memory, then caching any differences.☆26Dec 11, 2021Updated 4 years ago
- Intel learning hypervisor and some extend function☆23Aug 23, 2025Updated 6 months ago
- Simple memory obfuscator.☆24Jul 21, 2022Updated 3 years ago
- Figuring out the cause of a handle downgrade☆24Dec 13, 2022Updated 3 years ago