Alternatives and similar repositories for win-api-monitor:

Users that are interested in win-api-monitor are comparing it to the libraries listed below

• SinaKarvandi / Pinitor
  An API Monitor based on Instrumentation
  ☆43Updated 7 years ago
• ajkhoury / pdbfetch
  Fetch PDB symbols directly from Microsoft's symbol servers
  ☆42Updated 3 years ago
• Broihon / Symbol-Parser
  Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…
  ☆42Updated last year
• h4xu3lyn / FuckPg
  Analysing and defeating PatchGuard universally
  ☆34Updated 4 years ago
• calware / HV-Playground
  A simple and heavily documented series of test hypervisors built for 64-bit Windows 10 systems running under Intel's VT-x
  ☆29Updated 4 years ago
• zodiacon / DbgPrint
  Debug Print viewer (user and kernel)
  ☆65Updated 11 months ago
• moccajoghurt / MemWars
  ☆48Updated 6 years ago
• changeofpace / x64dbg-Anti-Debug-POC
  viewing page boundaries of pages with PAGE_NOACCESS protection reveals the presence of x64dbg.
  ☆23Updated 8 years ago
• alal4465 / KernelMon
  A ProcMon-esque tool for monitoring Windows Kernel Drivers
  ☆54Updated 3 years ago
• VMProtectResearch / vmp2-devirtualization
  vmp2.x devirtualization
  ☆67Updated 2 months ago
• MeeSong / Sunstrider
  Analyze PatchGuard
  ☆54Updated 6 years ago
• mrexodia / MiniDumpPlugin
  Simple x64dbg plugin to save a full memory dump
  ☆49Updated 2 years ago
• kouzhudong / libdrv
  Static Library For Windows Drivers
  ☆33Updated last month
• KiFilterFiberContext / VMP3-Disasm
  Experimental disassembler for x86 binaries virtualized by VMProtect 3
  ☆95Updated 2 years ago
• crvvdev / intraceptor
  Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.
  ☆28Updated 2 years ago
• anzelesnik / MySyscall
  Example of hijacking system calls via function pointer tables
  ☆32Updated 3 years ago
• 0x25bit / Labs
  ☆37Updated 5 years ago
• mq1n / Wow64SyscallHook
  Wow64 syscall hook
  ☆40Updated 7 years ago
• zodiacon / ndcoslo2019
  NDC Oslo 2019 slides and demos
  ☆32Updated 4 years ago
• Nitr0-G / Rework-part-of-z3-proving
  This is the PoC of a dynamic lifter and deobfuscator with collecting trace.
  ☆35Updated last year
• idkwim / frookSINATRA
  POC of sysenter x64 LSTAR MSR hook
  ☆38Updated 10 years ago
• ergrelet / Scylla
  Fork of Scylla with additional fixes and Python bindings.
  ☆38Updated 6 months ago
• tandasat / ia32-doc
  IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible
  ☆16Updated 2 years ago
• Nitr0-G / SVM-Hypervisor
  This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM
  ☆22Updated last year
• christianshub / process-injection-guard
  Signature scanner and API hooks to detect malicious process injection
  ☆22Updated last year
• NewWorldComingSoon / UnknownField
  UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.
  ☆44Updated 2 years ago
• ergrelet / triton-bn
  Binary Ninja plugin that can be used to apply Triton's dead store eliminitation pass on basic blocks or functions.
  ☆58Updated 6 months ago
• vtil-project / VTIL-Common
  A common set of helpers used across VTIL toolchain. Moved into -->
  ☆20Updated 4 years ago
• h311d1n3r / LetsHook
  A Windows API hooking library !
  ☆31Updated 2 years ago
• kyREcon / IsKernelDebuggerPresent
  Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …
  ☆23Updated 7 years ago