jay / gethooksLinks
GetHooks is a program designed for the passive detection and monitoring of hooks from a limited user account.
☆61Updated 4 years ago
Alternatives and similar repositories for gethooks
Users that are interested in gethooks are comparing it to the libraries listed below
Sorting:
- WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both…☆84Updated 11 months ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 9 years ago
- Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process☆96Updated 6 years ago
- A simple API monitor for Windbg☆63Updated 8 years ago
- C++☆80Updated 8 years ago
- A command line tool to load and unload a device driver.☆47Updated 8 years ago
- This is a sample that shows how to leverage SetThreadContext for DLL injection☆83Updated 7 years ago
- A session-0 capable dll injection utility☆76Updated 7 years ago
- Open and generic Anti-Anti Reversing Framework. Works in 32 and 64 bits.☆65Updated 12 years ago
- A software driver that lets you log kernel-mode debug output into a file on Windows.☆107Updated 7 years ago
- Library for kernel and user mode splicing for Windows (x86 and x64).☆64Updated 12 years ago
- library, which help to describe or load and execute PE files.☆54Updated 12 years ago
- Plugin for Process Hacker 2 ( https://github.com/processhacker2 ), displays system hooks and able to unhook too.☆52Updated 7 years ago
- Analyze and attack windows applications using dll hijacking vulnerabilities☆58Updated 5 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Trace events in real time sessions☆45Updated last year
- Standalone program to download PDB Symbol files for debugging without WDK☆79Updated 6 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆60Updated 4 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆56Updated 6 years ago
- ☆28Updated 9 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Updated 9 years ago
- Use WinDBG to trace the Windows API calls of any Portable Executable file☆31Updated 8 years ago
- Takes a Windbg dumped structure (using the 'dt' command) and formats it into a C structure☆36Updated last year
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆68Updated 5 years ago
- View handles and object for each object type☆65Updated 5 years ago
- Load a Windows Kernel Driver☆92Updated 8 years ago
- User-mode hook bypassing method☆33Updated 8 years ago
- A Windows tool that can be used to stream data from named pipe between two other process to Wireshark☆111Updated 7 years ago
- PoC for detecting and dumping process hollowing code injection☆51Updated 6 years ago
- Windows kernel-mode callbacks tutorial driver☆47Updated 8 years ago