khalladay / hooking-by-example
A series of increasingly complex programs demonstrating function hooking on 64 bit Windows. Culminating in a program that hooks mspaint to make it always paint orange.
☆277Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for hooking-by-example
- Some DLL Injection techniques in C++ implemented for both x86 and x64 windows OS processes☆327Updated 2 years ago
- C++ graphics kernel subsystem hook☆478Updated 3 years ago
- A bunch of Windows anti-debugging tricks for x86 and x64.☆766Updated 3 years ago
- Collection of undocumented Windows API declarations.☆290Updated 3 weeks ago
- A wrapper library around native windows sytem APIs☆419Updated 3 years ago
- anti debugging library in c++.☆520Updated 9 months ago
- Manual mapping without creating any threads, with rw only access☆697Updated 5 years ago
- C++ STL in the Windows Kernel with C++ Exception Support☆393Updated last year
- Inline syscalls made easy for windows on clang☆672Updated 5 months ago
- A x64 Windows Rootkit using SSDT or Hypervisor hook☆512Updated 3 weeks ago
- Handle elevation DKOM against ObRegisterCallbacks☆282Updated 6 years ago
- Detours with just single dependency - NTDLL☆612Updated 2 years ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆845Updated 5 years ago
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆564Updated 5 years ago
- The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support☆728Updated last year
- Anti-debugging techniques on a (bad looking) Win32 application.☆234Updated 8 months ago
- System call hook for Windows 10 20H1☆482Updated 3 years ago
- Anti-cheat library for Windows C++☆403Updated 2 years ago
- C++23 procedure hooking library.☆395Updated 2 weeks ago
- COFF and Portable Executable format described using standard C++ with no dependencies.☆255Updated 7 months ago
- Rendering on external windows via hijacking thread contexts☆377Updated 4 years ago
- X86 Mutation Engine with Portable Executable compatibility.☆452Updated 2 years ago
- Compile-time, Usermode + Kernelmode, safe and lightweight string crypter library for C++11+☆710Updated 3 years ago
- Simple code to manipulate the memory of a usermode process from kernel.☆275Updated 8 years ago
- The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.☆398Updated 4 months ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆548Updated last month
- DLL scatter manual mapper☆726Updated 3 years ago
- A bunch of parsers for PE and PDB formats in C++☆226Updated 6 months ago
- Literally, the perfect injector.☆868Updated last year
- Driver that uses network sockets to communicate with client and read/ write protected process memory.☆449Updated 5 years ago