Alternatives and similar repositories for vmt-hooking:

Users that are interested in vmt-hooking are comparing it to the libraries listed below

• christianshub / process-injection-guard
  Signature scanner and API hooks to detect malicious process injection
  ☆27Updated 2 years ago
• nblog / x64dbgpy3
  x64dbg python3 plugin
  ☆22Updated this week
• h311d1n3r / LetsHook
  A Windows API hooking library !
  ☆31Updated 2 years ago
• keowu / winsystemprogramming
  Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows.
  ☆10Updated 2 years ago
• opcode86 / SysCaller
  Single header library to simplify the usage of direct syscalls. x64/x86
  ☆11Updated 2 years ago
• h4xu3lyn / FuckPg
  Analysing and defeating PatchGuard universally
  ☆34Updated 4 years ago
• mike1k / HardwareBreakpoint
  X86/X64 Hardware Breakpoint Manager
  ☆41Updated 3 years ago
• mrexodia / MBR
  EDR PoC WIP LLC
  ☆11Updated last year
• SamuelTulach / GetDeviceInterfacesMemoryLeak
  Small memory leak PoC that is happening in IopGetDeviceInterfaces
  ☆25Updated 4 years ago
• mrexodia / IATFaker
  Small project to generate fake DLLs based on an executable's import table
  ☆23Updated 4 years ago
• emlinhax / DriverTimestampFaker
  Fake Timestamps of Driver Certificates while keeping validity.
  ☆17Updated 3 years ago
• d35ha / xPE
  Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling
  ☆32Updated 5 years ago
• r1cky33 / winforms-gui-loader
  driver interface with dll-injection capabilities
  ☆28Updated 4 years ago
• Ahora57 / Unabomber
  Improved VMP Idea(detect anti-anti-debug tools by bug)
  ☆42Updated last year
• rich-ayr / phnt_nightly
  Native API header files for the Process Hacker project (nightly).
  ☆26Updated last week
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆62Updated 2 years ago
• Vasie1337 / sharedsection-driver
  Driver shared section communication
  ☆44Updated last month
• Broihon / Symbol-Parser
  Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…
  ☆44Updated 2 years ago
• BerkanYildiz / EasyNT
  Simplifies the Windows Kernel APIs by making the existing function easier to use, and extends them by creating functions that could possi…
  ☆26Updated 3 weeks ago
• oxiKKK / iat-dump
  A dumper for all the imports stored within a Windows PE (portable executable).
  ☆15Updated 3 years ago
• moccajoghurt / MemWars
  ☆48Updated 6 years ago
• namazso / PawnIO
  Input-output driver
  ☆25Updated last month
• gmh5225 / FakeEnclave
  A poc that abuses Enclave
  ☆38Updated 2 years ago
• adrianyy / memorylib
  Remote memory library in C++17.
  ☆31Updated 6 years ago
• emlinhax / DbgViewEx
  combine the power of procmon and dbgview into one single application
  ☆8Updated last year
• gmh5225 / Driver-SoulExtraction
  SoulExtraction is a windows driver library for extracting cert information in windows drivers
  ☆22Updated 2 years ago
• andrew9382 / manual_mapping_dll_injector
  manual mapping injector
  ☆27Updated 3 years ago
• kotae4 / ntkernel-dev-notes
  ☆21Updated 3 years ago
• addrianyy / asmlib_x64
  x64 assembler library
  ☆31Updated 10 months ago
• idkhidden / idashare
  idashare is an IDA Pro plugin that allows you to quickly share the currently loaded binary and IDA database over a local HTTP server with…
  ☆10Updated 3 weeks ago