Alternatives and similar repositories for functionhooks

Users that are interested in functionhooks are comparing it to the libraries listed below

• bytewreck / hook-buster
  Proof-of-Concept software for detecting AV/EDR hooks in Windows libraries.
  ☆31Updated 3 years ago
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆36Updated 2 years ago
• TheAenema / hm-pe-packer
  A x64 PE Packer/Protector Developed in C++ and VisualStudio
  ☆52Updated last year
• je5442804 / CreateProcessInternalW-Full
  Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post
  ☆64Updated 10 months ago
• Cc28256 / ObfuscateP
  编译时混淆字符串，以确保生成的二进制PE不会暴漏明文字符串。（C++ 14 及以上）
  ☆26Updated 3 years ago
• lazypanda1729 / Kernel-Snooping
  ☆29Updated 9 months ago
• idiotc4t / Mapping-injection
  NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection
  ☆30Updated 5 years ago
• ytk2128 / api-monitor32
  A simple tool for detecting memory modifications to Windows API.
  ☆22Updated 6 months ago
• 0mWindyBug / MinifilterHook
  silence file system monitoring components by hooking their minifilters
  ☆57Updated last year
• waleedassar / ALPC_CLIENT_SERVER
  Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
  ☆21Updated 3 years ago
• Nero22k / Process-Injections-Techniques
  Variety of different process injections implemented in C++
  ☆26Updated 4 years ago
• pr0tean / TelemetrySourcerer-patched
  Tiny driver patch to allow kernel callbacks to work on Win10 21h1
  ☆34Updated 3 years ago
• d35ha / ProcessHide
  ☆63Updated 2 years ago
• zodiacon / WinEventHooks
  SetWinEventHook Sample
  ☆48Updated last year
• ProcessusT / PsNotifRoutineUnloader
  This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…
  ☆63Updated last year
• x0reaxeax / SyscallHookBypass
  NTAPI hook bypass with (semi) legit stack trace
  ☆16Updated 2 years ago
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆87Updated 2 years ago
• ntoskrnl7 / ldk
  Load Dll into Kernel space
  ☆38Updated 2 years ago
• magnusstubman / dll-exports
  Collection of DLL function export forwards for DLL export function proxying
  ☆98Updated last year
• MahmoudZohdy / APICallProxy
  Windows API Call Obfuscation
  ☆106Updated 2 years ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆87Updated 3 months ago
• MahmoudZohdy / IAT-Obfuscation
  IAT-Obfuscation to make static analysis of executable harder.
  ☆43Updated 3 years ago
• trieck / comexplore
  COM Explorer
  ☆15Updated 4 months ago
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆45Updated 7 years ago
• SweetIceLolly / Prevent_File_Deletion
  Record & prevent file deletion in kernel mode
  ☆44Updated 4 years ago
• Cracked5pider / Rhaast
  doesnt work and wont work on it anymore
  ☆9Updated last year
• zodiacon / RemoteThreadDetection
  Remote Thread Detection with a Kernel Driver
  ☆31Updated 6 months ago
• blueflagss / inline-syscall
  A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs.
  ☆53Updated 5 months ago
• shaygitub / windows-rootkit
  windows rootkit
  ☆60Updated last year
• hid3rx / GhostWriting
  ☆31Updated last year