jay / gethooks
GetHooks is a program designed for the passive detection and monitoring of hooks from a limited user account.
☆61Updated 3 years ago
Alternatives and similar repositories for gethooks:
Users that are interested in gethooks are comparing it to the libraries listed below
- WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both…☆82Updated 6 months ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 8 years ago
- Library for kernel and user mode splicing for Windows (x86 and x64).☆63Updated 12 years ago
- Plugin for Process Hacker 2 ( https://github.com/processhacker2 ), displays system hooks and able to unhook too.☆49Updated 7 years ago
- Advance LPC☆62Updated 7 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆95Updated 6 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆75Updated 14 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆139Updated 6 years ago
- A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.☆54Updated 5 years ago
- A session-0 capable dll injection utility☆76Updated 6 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities☆56Updated 5 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆56Updated 6 years ago
- A software driver that lets you log kernel-mode debug output into a file on Windows.☆102Updated 6 years ago
- Standalone program to download PDB Symbol files for debugging without WDK☆76Updated 5 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆35Updated 8 months ago
- C++☆80Updated 8 years ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess☆87Updated 9 years ago
- Anti-Anti-VM solution via Windows Driver☆57Updated 6 years ago
- windows create process with a dll load first time via LdrHook☆30Updated 8 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆67Updated 4 years ago
- library, which help to describe or load and execute PE files.☆54Updated 11 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆94Updated 2 months ago
- just an lite AntiRootkit for interesting☆23Updated 9 years ago
- NDC Oslo 2019 slides and demos☆32Updated 4 years ago
- VrtuleTree is a tool that displays information about driver and device objects present in the system and relations between them. Its func…☆58Updated 4 years ago
- View handles and object for each object type☆62Updated 5 years ago
- Analyze PatchGuard☆55Updated 6 years ago
- ☆26Updated 6 years ago
- Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD).☆68Updated 8 years ago