Alternatives and similar repositories for process-injection-guard:

Users that are interested in process-injection-guard are comparing it to the libraries listed below

• zodiacon / DbgPrint
  Debug Print viewer (user and kernel)
  ☆65Updated last year
• NewWorldComingSoon / UnknownField
  UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.
  ☆44Updated 2 years ago
• kkent030315 / EvilHooker
  Function hooks in Windows NT Kernel
  ☆22Updated 4 years ago
• h4xu3lyn / FuckPg
  Analysing and defeating PatchGuard universally
  ☆34Updated 4 years ago
• d35ha / xPE
  Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling
  ☆32Updated 5 years ago
• ByteWhite1x1 / PatchGuardResearch
  Bypassing kernel patch protection runtime
  ☆20Updated 2 years ago
• h311d1n3r / LetsHook
  A Windows API hooking library !
  ☆31Updated 2 years ago
• DErDYAST1R / NMICallbackBlocker2
  This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.
  ☆39Updated 5 months ago
• Broihon / ProcessInfo
  A class to gather information about a process, its threads and modules.
  ☆24Updated 5 years ago
• sreeharshabandi / Captain
  Process Creation, Image Load and Thread Creation Notification
  ☆12Updated last year
• zodiacon / KObjects
  Sample for Creating a new kernel object type and supporting API
  ☆23Updated 6 months ago
• backengineering / msrexec
  Elevate arbitrary MSR writes to kernel execution.
  ☆32Updated last year
• kkent030315 / ProcessVmAccess
  Two PoC of accessing process virtual memory via NT Kernel
  ☆22Updated 3 years ago
• crvvdev / intraceptor
  Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.
  ☆29Updated 2 years ago
• NewWorldComingSoon / llvm-msvc-windows-driver-template
  Windows kernel driver template for cmkr and llvm-msvc.
  ☆34Updated last year
• msmania / hk
  Injector with kernel power
  ☆16Updated 4 years ago
• gmh5225 / FakeEnclave
  A poc that abuses Enclave
  ☆37Updated 2 years ago
• mike1k / HardwareBreakpoint
  X86/X64 Hardware Breakpoint Manager
  ☆41Updated 3 years ago
• DErDYAST1R / SilentFunctionCaller
  Allows for same-file KernelMode function execution using Encrypted addresses of Functions
  ☆31Updated 5 months ago
• kkent030315 / kernel_callbacks
  Bypasses for Windows kernel callbacks PatchGuard protection
  ☆43Updated 3 years ago
• moccajoghurt / MemWars
  ☆48Updated 6 years ago
• BerkanYildiz / EasyNT
  Simplifies the Windows Kernel APIs by making the existing function easier to use, and extends them by creating functions that could possi…
  ☆26Updated 7 months ago
• SHA-MRIZ / FsMinfilterHooking
  ☆31Updated 4 years ago
• hugsy / modern-cpp-windows-driver-template
  Windows driver template, using C++20 & cmake & GithubActions
  ☆20Updated 7 months ago
• Lima-X / Win32.Nebula
  A packed & protected Module Loader and more, for 64-bit Windows
  ☆29Updated 4 years ago
• thejanit0r / x86_dasm
  Lightweight x86-64 disassembling library
  ☆41Updated 2 years ago
• anzelesnik / MySyscall
  Example of hijacking system calls via function pointer tables
  ☆32Updated 3 years ago
• bb107 / RtlWow64
  c++ implementation of windows heavens gate
  ☆68Updated 4 years ago
• AleksaMCode / AMx64
  AMx64 is a simulated 64-bit environment that can interpret nasm-like asm code. It allows a usage of different 64-bit registers and 64-bit…
  ☆23Updated last year
• SamuelTulach / GetDeviceInterfacesMemoryLeak
  Small memory leak PoC that is happening in IopGetDeviceInterfaces
  ☆25Updated 4 years ago