qHooK is a very simple Python script (dependent on pydbg) that hooks user-defined Win32 APIs in any process, monitors them while the process is running, and finally prepares a CSV report with various interesting information that can help a reverse engineer track down and analyse unknown exploit samples or shellcode.
☆21 · Jan 31, 2015 · Updated 11 years ago
Alternatives and similar repositories for qHooK
Users that are interested in qHooK are comparing it to the libraries listed below
- ☆11 · Apr 23, 2019 · Updated 6 years ago
- Injection of MSIL using Cecil ☆12 · Jul 28, 2015 · Updated 10 years ago
- Sample showing how to hook an application with Python and Nektra Deviare ☆25 · Aug 9, 2012 · Updated 13 years ago
- Small C++ basic packet sniffer for TCP, UDP, IGMP, and others. Built for learning purposes. ☆27 · Oct 12, 2016 · Updated 9 years ago
- Bleeding edge GCC Linaro toolchain, built using latest git version of crosstool-NG. ☆16 · Jan 23, 2019 · Updated 7 years ago
- Vulnerability research on the CA UIM Nimbus protocol ☆15 · Sep 28, 2020 · Updated 5 years ago
- Source Code for 'Foundations of ARM64 Linux Debugging, Disassembling, and Reversing' by Dmitry Vostokov ☆15 · Jan 20, 2023 · Updated 3 years ago
- Cryptocurrency API arbitrage ☆18 · Apr 28, 2019 · Updated 6 years ago
- VExtension for NTCore Explorer Suite aka CFF Explorer ☆40 · Jun 6, 2022 · Updated 3 years ago
- Simple driver loader for Windows ☆17 · May 22, 2020 · Updated 5 years ago
- Disables ASLR flag IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE in IMAGE_OPTIONAL_HEADER on pre-compiled EXE. Works for both 32 and 64 bit Windo… ☆20 · Jan 13, 2021 · Updated 5 years ago
- Debugger and analyzer for ARM ELF executables. ☆18 · Oct 24, 2022 · Updated 3 years ago
- A utility designed to investigate the behavior of the Windows API 'SetWindowsHookEx', and the behavior of the system when installing / ca… ☆27 · Sep 28, 2023 · Updated 2 years ago
- Trainer (aimbot and ESP) for Assault Cube on macOS ☆22 · Oct 16, 2019 · Updated 6 years ago
- ☆17 · Dec 3, 2020 · Updated 5 years ago
- Flow Driven Domain Library, a Spring library that helps you develop DDD process-centric domains ☆11 · Jan 27, 2024 · Updated 2 years ago
- Silent Monero (XMR) CPU miner ☆23 · Jun 25, 2018 · Updated 7 years ago
- RCE Exploit PoC for Spring based RESTful APIs using XStream as Unmarshaler ☆20 · Dec 24, 2013 · Updated 12 years ago
- Valgrind extension for whitebox fuzz testing ☆30 · Jul 10, 2009 · Updated 16 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling ☆32 · Aug 7, 2019 · Updated 6 years ago
- Vector Exception Handling Hook ☆23 · Sep 6, 2016 · Updated 9 years ago
- Python course for adult self starters ☆15 · Dec 4, 2024 · Updated last year
- great ☆48 · Sep 19, 2025 · Updated 5 months ago
- Repository for my talk on Desktop Bridge at Zer0Con 2018. ☆34 · Mar 30, 2018 · Updated 7 years ago
- A simple ransomware defender. It uses a minifilter to filter "rewrite" and "delete" events in the kernel, and it handles events in user mode. ☆27 · Aug 14, 2018 · Updated 7 years ago
- ☆26 · Jan 18, 2026 · Updated last month
- All Nt Syscall and W32k Syscall in one asm, include, and call it! ☆58 · Nov 4, 2021 · Updated 4 years ago
- "Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), modify read-o… ☆95 · Feb 14, 2026 · Updated 3 weeks ago
- A distributed corpus distillation tool for Windows applications. ☆32 · Feb 13, 2017 · Updated 9 years ago
- ☆11 · Nov 9, 2025 · Updated 4 months ago
- PoCs for VMware VGPU Direct 3D 10 vulnerabilities fixed in VMware Workstation 12.5.5 and 12.5.7 ☆36 · Jul 17, 2017 · Updated 8 years ago
- Config files for my GitHub profile. ☆33 · Jan 6, 2023 · Updated 3 years ago
- Solver with Interface window for Cloudflare Turnstile and other Captchas. ☆13 · Oct 7, 2024 · Updated last year
- Driver and WinDBG scripts to dump information about all resources and lookaside lists ☆66 · Apr 4, 2020 · Updated 5 years ago
- A simple kernel mode driver that hooks some values at the KUSER_SHARED_DATA structure. ☆27 · Jan 7, 2020 · Updated 6 years ago
- CVE-2017-9791 ☆27 · Jul 8, 2017 · Updated 8 years ago
- ☆40 · May 10, 2025 · Updated 9 months ago
- Windows LNK/URL shortcut auto-binding hotkey (not a bug, feature) ☆30 · Mar 22, 2018 · Updated 7 years ago
- Taking advantage of CRT initialization, to get away with hooking protected applications ☆48 · Nov 2, 2022 · Updated 3 years ago