jay / gethooksLinks
GetHooks is a program designed for the passive detection and monitoring of hooks from a limited user account.
☆61Updated 4 years ago
Alternatives and similar repositories for gethooks
Users that are interested in gethooks are comparing it to the libraries listed below
Sorting:
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆96Updated 6 years ago
- A session-0 capable dll injection utility☆76Updated 7 years ago
- Lightweight Portable Executable parsing library and a demo peParser application.☆80Updated 2 years ago
- WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both…☆84Updated last year
- Library for kernel and user mode splicing for Windows (x86 and x64).☆64Updated 12 years ago
- C++☆80Updated 9 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆57Updated 9 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities☆59Updated 6 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆33Updated 7 years ago
- Code Injection technique written in cpp language☆33Updated 7 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆57Updated 6 years ago
- A command line tool to load and unload a device driver.☆47Updated 8 years ago
- PoC for detecting and dumping process hollowing code injection☆52Updated 6 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆79Updated 6 years ago
- A minimal tool to extract shellcode from 64-bit PE binaries.☆51Updated 4 years ago
- simple PE packer written in C++☆56Updated 7 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆36Updated last year
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆53Updated last year
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Updated 10 years ago
- exploit termdd.sys(support kb4499175)☆60Updated 6 years ago
- User-mode hook bypassing method☆33Updated 9 years ago
- This is a sample that shows how to leverage SetThreadContext for DLL injection☆84Updated 8 years ago
- Decrement Windows Kernel for fun and profit☆38Updated 7 years ago
- windows create process with a dll load first time via LdrHook☆31Updated 8 years ago
- ☆57Updated 11 years ago
- Library for ETW, ProcessTracker sample based on ETW☆33Updated 8 years ago
- Protects deletion of files with a specified extension using a kernel-mode driver.☆76Updated 7 years ago
- View handles and object for each object type☆64Updated 6 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago