Alternatives and similar repositories for vmt-hooking

Users that are interested in vmt-hooking are comparing it to the libraries listed below

• christianshub / process-injection-guard
  Signature scanner and API hooks to detect malicious process injection
  ☆27Updated 2 years ago
• Ahora57 / Unabomber
  Improved VMP Idea(detect anti-anti-debug tools by bug)
  ☆46Updated 2 years ago
• s0ngidong3 / TPM-SPOOFER
  ☆26Updated last year
• zeroaceee / EDMapper
  A documented Windows x64 bit Usermode Injector that works via hooking IAT and hijacking its threads to execute shellcode.
  ☆67Updated 2 years ago
• fengjixuchui / khaleesi
  Anti-debug library based on al-khaser with ScyllaHide/TitanHide detection.
  ☆59Updated 6 years ago
• HyperDbg / RedDbg
  Hypervisor-based debugger for AMD processors
  ☆60Updated last year
• kkent030315 / EvilHooker
  Function hooks in Windows NT Kernel
  ☆25Updated 4 years ago
• mrexodia / IATFaker
  Small project to generate fake DLLs based on an executable's import table
  ☆23Updated 5 years ago
• adrianyy / x64-syscall
  x64 syscall caller in C++.
  ☆91Updated 7 years ago
• niemand-sec / Reversing-XignCode3-Driver
  I'm going to be dropping code from the XC3 Driver (result of reversing the driver)
  ☆70Updated 5 years ago
• mike1k / HardwareBreakpoint
  X86/X64 Hardware Breakpoint Manager
  ☆41Updated 4 years ago
• ajkhoury / pubg_internal
  ☆31Updated 3 years ago
• mike1k / ImportCallObfuscator
  Obfuscate calls to imports by patching in stubs
  ☆70Updated 4 years ago
• jonatan1024 / CpuidSpoofer
  x64dbg plugin for simple spoofing of CPUID instruction behavior
  ☆91Updated 2 years ago
• ExpLife0011 / KeUserModeCallBack
  A Simple Example
  ☆22Updated 6 years ago
• not-wlan / instrumentation-callbacks
  based on https://github.com/secrary/Hooking-via-InstrumentationCallback
  ☆71Updated 5 years ago
• ColeStrickler / 1337Visor
  Type 2 Hypervisor for security research supported by AMD-V hardware assisted virtualization
  ☆40Updated 2 years ago
• BerkanYildiz / EasyNT
  Windows Kernel API wrapper with simplified functions and enterprise driver extensions.
  ☆29Updated last month
• ZehMatt / zyemu
  x86-64 user mode emulation using Zydis
  ☆64Updated this week
• KDIo3 / PCIBan
  A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.
  ☆80Updated 4 years ago
• 0dayatday0 / BattleFN-cheat-analysis
  ☆46Updated 3 years ago
• mrexodia / EfiCMake
  CMake template for a basic EFI application/bootkit. This library is header-only, there is no EDK2 runtime!).
  ☆78Updated 2 years ago
• DErDYAST1R / SilentFunctionCaller
  Allows for same-file KernelMode function execution using Encrypted addresses of Functions
  ☆44Updated 10 months ago
• JustasMasiulis / remote_memory
  A simple library which provides a way to read and write the memory of other processes
  ☆54Updated 7 years ago
• HyperSine / siren-hypervisor
  ☆38Updated 2 years ago
• KiFilterFiberContext / VMP3-Disasm
  Experimental disassembler for x86 binaries virtualized by VMProtect 3
  ☆95Updated 3 years ago
• d366 / DarkMMap
  Manual PE image mapper
  ☆65Updated 12 years ago
• danielkrupinski / KernelProcessList
  Example Windows Kernel-mode Driver which enumerates running processes.
  ☆57Updated 3 years ago
• SamuelTulach / GetDeviceInterfacesMemoryLeak
  Small memory leak PoC that is happening in IopGetDeviceInterfaces
  ☆25Updated 4 years ago
• weak1337 / SystemThreadFinder
  ☆80Updated 4 years ago