hMihaiDavid / hooks
A DLL that performs IAT hooking
☆26Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for hooks
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆52Updated 8 months ago
- Helper utility for debugging windows PE/PE+ loader.☆50Updated 9 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆73Updated 13 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- This is a simple driver with x64 inline assembly☆53Updated 4 years ago
- PE Library x86☆20Updated 5 years ago
- A Win32 PE/Executable Crypter that employs on the fly encryption & decryption of memory☆33Updated 10 years ago
- ☆33Updated 7 years ago
- windows create process with a dll load first time via LdrHook☆30Updated 8 years ago
- Fetch PDB symbols directly from Microsoft's symbol servers☆40Updated 2 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- a binary x86win32 code obfuscator using virtual machine☆32Updated 7 years ago
- ☆21Updated 3 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities☆55Updated 5 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆18Updated 8 years ago
- NDC Oslo 2019 slides and demos☆32Updated 3 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 9 years ago
- An API Monitor based on Instrumentation☆42Updated 6 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆75Updated 9 years ago
- Decrement Windows Kernel for fun and profit☆39Updated 6 years ago
- Code Injection technique written in cpp language☆31Updated 6 years ago
- Figuring out the cause of a handle downgrade☆23Updated last year
- A ready-made template for a project based on libpeconv.☆41Updated last month
- A MITM proxy server for reflective DLL injection through WinINet☆15Updated 6 years ago
- just an lite AntiRootkit for interesting☆23Updated 8 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆26Updated 6 years ago
- Library for using direct system calls☆35Updated 4 years ago