A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using InstrumentationCallback.
☆39 Sep 23, 2023 Updated 2 years ago
Alternatives and similar repositories for InstrumentationCallbackToolKit
Users that are interested in InstrumentationCallbackToolKit are comparing it to the libraries listed below
- ☆29 Nov 22, 2023 Updated 2 years ago
- Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuses KeServiceDescriptorTable(SSDT), persistence a… ☆22 Jul 6, 2024 Updated last year
- ☆11 Jun 24, 2024 Updated last year
- ☆26 Dec 29, 2021 Updated 4 years ago
- A self-rescue project for the useless! Let's walk toward the light together!!! ☆11 May 7, 2022 Updated 3 years ago
- Freaking Injector is a tool made for injecting DLLs into other processes on Windows x64 systems with a bunch of different injection me… ☆11 Dec 3, 2020 Updated 5 years ago
- really ? ☆12 Feb 29, 2024 Updated 2 years ago
- What makes it page ☆17 Aug 24, 2022 Updated 3 years ago
- clone from myJIT(a fork of GNU lightning) ☆11 Mar 17, 2015 Updated 10 years ago
- Use NtSetInformationThread(ThreadBreakOnTermination) for anti-debugging ☆15 Sep 21, 2019 Updated 6 years ago
- C# API for Nidhogg rootkit ☆21 Apr 25, 2024 Updated last year
- modern c++ wrapper around the microsoft portable executable file format ☆36 Nov 22, 2025 Updated 3 months ago
- ☆17 Apr 18, 2023 Updated 2 years ago
- A fully static Roblox Client Decryptor ☆31 Aug 30, 2025 Updated 6 months ago
- Templated Obfuscation example in C++ for protecting/hiding values in memory ☆40 Feb 1, 2025 Updated last year
- Dangling COM Keys Finder ☆17 Nov 16, 2021 Updated 4 years ago
- ☆24 Jul 15, 2023 Updated 2 years ago
- ☆20 Jul 23, 2023 Updated 2 years ago
- A manual PE mapping implementation, aka reflective loader ☆21 Sep 11, 2022 Updated 3 years ago
- ☆22 Jan 24, 2023 Updated 3 years ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver ☆50 May 13, 2023 Updated 2 years ago
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions ☆133 May 17, 2023 Updated 2 years ago
- A minimalistic logger for Windows Kernel Drivers. ☆25 Mar 8, 2024 Updated last year
- An advanced DKOM for drivers with "DRIVER_OBJECT" ☆22 Feb 19, 2023 Updated 3 years ago
- A tool to force detach the Surface Book 2's screen even with low battery ☆21 Jul 31, 2020 Updated 5 years ago
- A minecraft forge mod injector ☆21 Aug 28, 2021 Updated 4 years ago
- Fortnite Internal ☆21 Apr 12, 2022 Updated 3 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught. ☆155 Nov 14, 2021 Updated 4 years ago
- ScrapeAW is a framework that scrapes IPs across the world using Shodan without the API ☆11 May 16, 2024 Updated last year
- Bypassing kernel patch protection runtime ☆22 Feb 19, 2023 Updated 3 years ago
- Library for linking multiple PE\PE+ files to one ☆52 Mar 16, 2024 Updated last year
- Uses ghidra to find all ETW write metadata for each API in a PE file ☆27 Jul 26, 2024 Updated last year
- x64 syscall caller in C++. ☆93 Jun 23, 2018 Updated 7 years ago
- Example of real-time Windows ETW packet capture session ☆54 Jul 12, 2017 Updated 8 years ago
- Dump SourceGuardian-protected PHP 5.4 files with VLD. ☆27 Nov 29, 2022 Updated 3 years ago
- Dell Driver EoP (CVE-2021-21551) ☆26 Feb 3, 2023 Updated 3 years ago
- ☆27 Oct 16, 2017 Updated 8 years ago
- A Python library for generating IDA Pro files (*.idb/*.i64) in batch mode & comparing executable files using BinDiff in batch mode. ☆32 Jul 9, 2025 Updated 7 months ago
- Ensemble-HackTools is an awesome collection of hacking tools. ☆28 May 8, 2024 Updated last year