jay / gethooksLinks
GetHooks is a program designed for the passive detection and monitoring of hooks from a limited user account.
☆61Updated 4 years ago
Alternatives and similar repositories for gethooks
Users that are interested in gethooks are comparing it to the libraries listed below
Sorting:
- WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both…☆84Updated last year
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆57Updated 9 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆96Updated 7 years ago
- Library for kernel and user mode splicing for Windows (x86 and x64).☆64Updated 12 years ago
- A session-0 capable dll injection utility☆76Updated 7 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Lightweight Portable Executable parsing library and a demo peParser application.☆80Updated 2 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities☆59Updated 6 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆57Updated 7 years ago
- This is a sample that shows how to leverage SetThreadContext for DLL injection☆84Updated 8 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Updated 10 years ago
- library, which help to describe or load and execute PE files.☆55Updated 12 years ago
- Library for ETW, ProcessTracker sample based on ETW☆33Updated 8 years ago
- Windows kernel-mode callbacks tutorial driver☆47Updated 9 years ago
- C++☆80Updated 9 years ago
- PoC for detecting and dumping process hollowing code injection☆52Updated 7 years ago
- ☆34Updated 8 years ago
- ☆117Updated 12 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆78Updated 6 years ago
- A simple rootkit to hide a process☆47Updated 11 years ago
- OllyCallTrace is a plugin for OllyDbg to trace the call chain of a thread.☆54Updated 13 years ago
- Open and generic Anti-Anti Reversing Framework. Works in 32 and 64 bits.☆66Updated 12 years ago
- Decrement Windows Kernel for fun and profit☆38Updated 7 years ago
- ☆57Updated 11 years ago
- A software driver that lets you log kernel-mode debug output into a file on Windows.☆107Updated 7 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Updated last year
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆33Updated 8 years ago
- Load a Windows Kernel Driver☆94Updated 8 years ago
- simple PE packer written in C++☆56Updated 7 years ago
- User-mode hook bypassing method☆33Updated 9 years ago