h311d1n3r / LetsHook
A Windows API hooking library !
☆31Updated 2 years ago
Alternatives and similar repositories for LetsHook:
Users that are interested in LetsHook are comparing it to the libraries listed below
- A packed & protected Module Loader and more, for 64-bit Windows☆29Updated 4 years ago
- Linux kernel-mode and user-space with wine/MinGW/Windows compability hacking library.☆12Updated 2 years ago
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.☆19Updated 5 months ago
- Elevate arbitrary MSR writes to kernel execution.☆32Updated last year
- EDR PoC WIP LLC☆11Updated last year
- Bypassing kernel patch protection runtime☆20Updated 2 years ago
- A way to detect DBI frameworks, Debuggers and VMs.☆22Updated 4 years ago
- Simplifies the Windows Kernel APIs by making the existing function easier to use, and extends them by creating functions that could possi…☆26Updated 7 months ago
- kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT☆33Updated 3 years ago
- Native API header files for the Process Hacker project (nightly).☆26Updated this week
- devirtualization vmprotect☆62Updated 2 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Updated 5 years ago
- Just an example of a well-known technique to detect memory tampering via Windows Working Sets.☆16Updated 3 years ago
- XOrCryptEx lightweight C Utility/Algorithm☆11Updated 3 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆49Updated 4 years ago
- ☆15Updated 2 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆22Updated last year
- ☆29Updated 3 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- Symbolic Execution based on lifting amd64 to z3☆26Updated 9 months ago
- Plugin for x64dbg to disable parallel loading of dependencies☆19Updated 2 years ago
- Windows Minidump loader for Ghidra☆18Updated 2 years ago
- .lib file for linking against the NT CRT☆18Updated 3 years ago
- Process Creation, Image Load and Thread Creation Notification☆12Updated last year
- Fake Timestamps of Driver Certificates while keeping validity.☆17Updated 3 years ago
- Analysing and defeating PatchGuard universally☆34Updated 4 years ago
- ☆27Updated last year
- Anti-Analysis technique, trick the debugger by Hiding events from it.☆19Updated 3 years ago
- Small project to generate fake DLLs based on an executable's import table☆23Updated 4 years ago
- Single header library to simplify the usage of direct syscalls. x64/x86☆11Updated 2 years ago