hMihaiDavid / hooks
A DLL that performs IAT hooking
☆27Updated 6 years ago
Alternatives and similar repositories for hooks:
Users that are interested in hooks are comparing it to the libraries listed below
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- This is a simple driver with x64 inline assembly☆54Updated 4 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆75Updated 14 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆52Updated last year
- A Win32 PE/Executable Crypter that employs on the fly encryption & decryption of memory☆33Updated 11 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- ☆33Updated 7 years ago
- Code Injection technique written in cpp language☆31Updated 7 years ago
- a binary x86win32 code obfuscator using virtual machine☆32Updated 8 years ago
- win32/x64 obfuscate framework☆32Updated 5 years ago
- Library for using direct system calls☆35Updated 2 months ago
- Class implementation of PowerLoader injection technique☆29Updated 8 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆31Updated 7 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Updated 5 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 8 years ago
- Plugin for x64dbg to break on unresolved APIs.☆12Updated 7 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆53Updated 5 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆77Updated 9 years ago
- ☆32Updated 6 years ago
- PoC for detecting and dumping process hollowing code injection☆51Updated 6 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- vmware-backdoor☆33Updated 3 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆19Updated 9 years ago
- APIInfo Plugin (x86) - A Plugin For x64dbg☆50Updated 6 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- Windbg extension that allows you analyze Control Flow Guard map☆34Updated 3 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆95Updated 6 years ago
- ☆22Updated 4 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 9 years ago