A series of increasingly complex programs demonstrating function hooking on 64 bit Windows. Culminating in a program that hooks mspaint to make it always paint orange.
☆330Mar 24, 2021Updated 4 years ago
Alternatives and similar repositories for hooking-by-example
Users that are interested in hooking-by-example are comparing it to the libraries listed below
Sorting:
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Mar 11, 2021Updated 5 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking☆53Aug 28, 2022Updated 3 years ago
- Stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device o…☆382Mar 15, 2024Updated 2 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection☆44Aug 15, 2021Updated 4 years ago
- Anti-cheat library for Windows C++☆499Jul 22, 2022Updated 3 years ago
- A way to detect DBI frameworks, Debuggers and VMs.☆24Nov 17, 2020Updated 5 years ago
- A C++14/17 header-only Windows memory editing library with a focus on type safety and modern C++ style.☆13Jun 3, 2019Updated 6 years ago
- Disables virtualprotect checks/hooks so you can modify memory and change memory protection in binaries protected by VMProtect.☆135Jun 13, 2021Updated 4 years ago
- Manual mapping without creating any threads, with rw only access☆808Oct 29, 2019Updated 6 years ago
- usermode standalone kernel interface☆111Jul 9, 2018Updated 7 years ago
- ☆21May 26, 2023Updated 2 years ago
- A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.☆116Feb 1, 2022Updated 4 years ago
- The Minimalistic x86/x64 API Hooking Library for Windows☆5,609Nov 3, 2025Updated 4 months ago
- AntiDebugging sample sources written in C++☆350Jul 23, 2018Updated 7 years ago
- C++20, x86/x64 Hooking Libary v2.0☆1,828Nov 16, 2025Updated 4 months ago
- Windows system spy for Mouse, Keyboard and Gamepad(Joystick).☆15Jul 6, 2022Updated 3 years ago
- Analyze patches in a process☆260Jul 28, 2021Updated 4 years ago
- Example of hijacking system calls via function pointer tables☆31Jun 26, 2021Updated 4 years ago
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.☆76Nov 12, 2019Updated 6 years ago
- Process Creation, Image Load and Thread Creation Notification☆13Sep 15, 2023Updated 2 years ago
- kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT☆32Jul 9, 2021Updated 4 years ago
- Detours implementation (x64/x86) which used only ntdll import☆93Oct 14, 2025Updated 5 months ago
- Universal x86/x64 VMProtect 2.0-3.X Import fixer☆21Dec 29, 2021Updated 4 years ago
- Detours with just single dependency - NTDLL☆674Nov 25, 2025Updated 3 months ago
- Scripts I made to aid me in everyday reversing or just for fun...☆35Mar 25, 2019Updated 6 years ago
- Inline syscalls made easy for windows on clang☆736Jun 21, 2024Updated last year
- library for importing functions from dlls in a hidden, reverse engineer unfriendly way☆1,903Aug 3, 2023Updated 2 years ago
- Reverse Engineering a signed kernel driver packed and virtualized with VMProtect 3.6☆106Mar 16, 2026Updated last week
- Simple Kernelmode DLL Injector with Manual mapping☆340Nov 29, 2023Updated 2 years ago
- IDA Plugin that fills in missing indirect CALL & JMP target information☆145Feb 15, 2026Updated last month
- Literally, the perfect injector.☆978Apr 13, 2023Updated 2 years ago
- Hides processes from the windows task manager using IAT hooking.☆22Mar 30, 2021Updated 4 years ago
- Ghetto user mode emulation of Windows kernel drivers.☆163Oct 20, 2024Updated last year
- API monitoring via return-hijacking thunks; works without information about target function prototypes.☆117May 26, 2020Updated 5 years ago
- System call hook for Windows 10 20H1☆496Jun 26, 2021Updated 4 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆232Jul 26, 2020Updated 5 years ago
- DLL scatter manual mapper☆813Apr 10, 2021Updated 4 years ago
- Native API header files for the System Informer project.☆1,364May 25, 2025Updated 9 months ago
- Code Deobfuscator x86_32/64☆52Aug 16, 2022Updated 3 years ago