carlos-al/user-kernel-syscall-hook external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

carlos-al/user-kernel-syscall-hook

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/carlos-al/user-kernel-syscall-hook)

Close

carlos-al / user-kernel-syscall-hookView on GitHubMore

• External links
• Readme badge

☆93Jun 3, 2024Updated last year

Alternatives and similar repositories for user-kernel-syscall-hook

Users that are interested in user-kernel-syscall-hook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Vector35 / pdb-rs

  View on GitHub
  A parser for Microsoft PDB (Program Database) debugging information
  ☆23Nov 5, 2024Updated last year
• r3bb1t / bin_lift

  View on GitHub
  Rust library for lifting raw binary data to LLVM IR
  ☆61Jul 18, 2025Updated 8 months ago
• carlos-al / windows-kernel-rs

  View on GitHub
  ☆22May 30, 2024Updated last year
• tandasat / recon2024_demo

  View on GitHub
  Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible. No …
  ☆24Jun 16, 2024Updated last year
• yellowbyte / zero-footprint-opaque-predicates

  View on GitHub
  obfuscation that aims to not stand out
  ☆25Mar 27, 2022Updated 4 years ago
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• pd0wm / binaryninja-pcode

  View on GitHub
  This plugin serves as a bridge between Binary Ninja and Ghidra's disassembler.
  ☆36Jun 27, 2022Updated 3 years ago
• seekbytes / pocket

  View on GitHub
  Mixed Boolean Arithmetic Expression Obfuscator
  ☆78Jul 26, 2023Updated 2 years ago
• FunnyWhaleDev / AlterLoadDll

  View on GitHub
  Load dll with undocumented functions and debug symbols
  ☆47Jul 20, 2024Updated last year
• brew02 / BudgetEPT

  View on GitHub
  Create stealthy, inline, EPT-like hooks using SMAP and SMEP
  ☆63Oct 19, 2024Updated last year
• unknowntrojan / mapparse

  View on GitHub
  a parser for the .map file included in the aimware leak
  ☆16Feb 19, 2023Updated 3 years ago
• lleon1435 / Kernel_VADInjector

  View on GitHub
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆55Oct 19, 2023Updated 2 years ago
• s3team / loop

  View on GitHub
  Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code
  ☆52Jan 19, 2016Updated 10 years ago
• donnaskiez / hv

  View on GitHub
  intel vt-x type 2 hypervisor
  ☆65Apr 13, 2025Updated last year
• zer0condition / ZeroHVCI

  View on GitHub
  Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…
  ☆262Mar 16, 2026Updated 3 weeks ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• williballenthin / lancelot

  View on GitHub
  intel x86(-64) code analysis library that reconstructs control flow
  ☆110Jan 8, 2026Updated 3 months ago
• 1401199262 / NMIStackWalk

  View on GitHub
  ☆73Aug 31, 2022Updated 3 years ago
• widberg / llvm-project-widberg-extensions

  View on GitHub
  Compiler for reverse engineers
  ☆44Updated this week
• 0xcpu / WinAltSyscallHandler

  View on GitHub
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆242Nov 6, 2019Updated 6 years ago
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆264Apr 19, 2024Updated last year
• Colerar / labyrinth

  View on GitHub
  Labyrinth, an LLVM obfuscation plugin for the New Pass Manager
  ☆44Feb 23, 2025Updated last year
• mazeworks-security / MSiMBA

  View on GitHub
  Deobfuscation of Semi-Linear Mixed Boolean-Arithmetic Expressions
  ☆83Mar 28, 2026Updated 2 weeks ago
• ergrelet / themida-spotter-bn

  View on GitHub
  A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.
  ☆93Jul 28, 2024Updated last year
• KANKOSHEV / Detect-HiddenThread-via-KPRCB

  View on GitHub
  Detect removed thread from PspCidTable.
  ☆75Mar 18, 2022Updated 4 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• snowsnowsnows / EagleVM

  View on GitHub
  Native code virtualizer for x64 binaries
  ☆522Dec 20, 2024Updated last year
• cxiao / rust_type_layout_helper_bn

  View on GitHub
  An extremely experimental Binary Ninja importer for the type layout information emitted by the -Zprint-type-sizes flag of the Rust compil…
  ☆39Mar 19, 2026Updated 3 weeks ago
• 0mWindyBug / WFPCalloutReserach

  View on GitHub
  research revolving the windows filtering platform callout mechanism
  ☆39May 26, 2024Updated last year
• Adikso / debugtocpp

  View on GitHub
  Tool for generating C++ classes and json from PDB, DWARF and ELF symbols (Work in progress)
  ☆53Nov 16, 2018Updated 7 years ago
• 0mWindyBug / GhostMapperUM

  View on GitHub
  manual map unsigned driver over signed memory
  ☆222Apr 11, 2024Updated 2 years ago
• BeneficialCode / KReClassEx

  View on GitHub
  Kernel ReClassEx
  ☆68Nov 21, 2023Updated 2 years ago
• xu-Wan / HypercallPageHook

  View on GitHub
  POC Hook of nt!HvcallCodeVa
  ☆54May 8, 2023Updated 2 years ago
• Jhinxs / hvcv

  View on GitHub
  Virtualization Simply Code
  ☆24May 13, 2022Updated 3 years ago
• backengineering / bintests

  View on GitHub
  A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations
  ☆74Aug 2, 2024Updated last year
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• zer0condition / ZeroThreadKernel

  View on GitHub
  Recursive and arbitrary code execution at kernel-level without a system thread creation
  ☆159Mar 16, 2026Updated 3 weeks ago
• namazso / msvcrt.lib

  View on GitHub
  .lib file for linking against the NT CRT
  ☆19Mar 18, 2022Updated 4 years ago
• backengineering / elderscroll

  View on GitHub
  PDB Rewriting Rust Library
  ☆29Apr 26, 2024Updated last year
• ch4ncellor / Inline-PatchFinder

  View on GitHub
  comparing data of module exports from disk and memory, then caching any differences.
  ☆26Dec 11, 2021Updated 4 years ago
• StephanvanSchaik / hy-rs

  View on GitHub
  hy-rs, pronounced high rise, provides a unified and portable to the hypervisor APIs provided by various platforms.
  ☆20Mar 10, 2022Updated 4 years ago
• 1401199262 / HookHvcallCodeVa

  View on GitHub
  ☆23May 8, 2023Updated 2 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆268Aug 31, 2022Updated 3 years ago