khalladay / hooking-by-exampleLinks
A series of increasingly complex programs demonstrating function hooking on 64 bit Windows. Culminating in a program that hooks mspaint to make it always paint orange.
☆318Updated 4 years ago
Alternatives and similar repositories for hooking-by-example
Users that are interested in hooking-by-example are comparing it to the libraries listed below
Sorting:
- Handle elevation DKOM against ObRegisterCallbacks☆314Updated 6 years ago
- Some DLL Injection techniques in C++ implemented for both x86 and x64 windows OS processes☆337Updated 3 years ago
- A bunch of Windows anti-debugging tricks for x86 and x64.☆793Updated 4 years ago
- anti debugging library in c++.☆570Updated last year
- C++ graphics kernel subsystem hook☆532Updated 4 years ago
- A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.☆594Updated 3 years ago
- Guided Hacking's official tool to practice bypassing anti-debug techniques.☆285Updated 3 months ago
- A wrapper library around native windows sytem APIs☆441Updated 4 years ago
- C++ STL in the Windows Kernel with C++ Exception Support☆423Updated 2 years ago
- Inline syscalls made easy for windows on clang☆720Updated last year
- X86 Mutation Engine with Portable Executable compatibility.☆520Updated 3 years ago
- A x64 Windows Rootkit using SSDT or Hypervisor hook☆554Updated 7 months ago
- Anti-cheat library for Windows C++☆467Updated 3 years ago
- The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support☆749Updated 4 months ago
- Collection of undocumented Windows API declarations.☆323Updated last week
- This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemo…☆611Updated 6 years ago
- C++17 PE manualmapper☆374Updated 3 years ago
- A bunch of parsers for PE and PDB formats in C++☆253Updated last year
- AntiDebugging sample sources written in C++☆342Updated 7 years ago
- COFF and Portable Executable format described using standard C++ with no dependencies.☆328Updated 4 months ago
- Rendering on external windows via hijacking thread contexts☆398Updated 5 years ago
- Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers☆288Updated this week
- Manual mapping without creating any threads, with rw only access☆765Updated 5 years ago
- Compile-time, Usermode + Kernelmode, safe and lightweight string crypter library for C++11+☆780Updated 4 years ago
- DLL scatter manual mapper☆795Updated 4 years ago
- Detours with just single dependency - NTDLL☆648Updated 3 years ago
- Kernel mode driver for reading/writing process memory. C/Win32.☆301Updated 7 years ago
- Driver that uses network sockets to communicate with client and read/ write protected process memory.☆566Updated 6 years ago
- System call hook for Windows 10 20H1☆495Updated 4 years ago
- TitanEngine Community Edition. Debug engine used by x64dbg.☆445Updated 2 weeks ago