Function hooks in Windows NT Kernel
☆26Oct 13, 2020Updated 5 years ago
Alternatives and similar repositories for EvilHooker
Users that are interested in EvilHooker are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Kernel Cheat for Games that use Modern AntiCheat EAC, Vanguard, Battleye etc☆12Dec 2, 2023Updated 2 years ago
- This driver hooks a device object for ioctl and uses mdls to allocate physical pages and manually injects an entry into a process's page …☆16Feb 14, 2023Updated 3 years ago
- X11 + GLFW + Dear ImGUI Overlay☆13Oct 3, 2023Updated 2 years ago
- Two PoC of accessing process virtual memory via NT Kernel☆22Jun 25, 2021Updated 4 years ago
- windows kernel pagehook☆42Oct 30, 2022Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- External shellcode wrapper using naked functions to automatically generate payloads☆15Aug 13, 2020Updated 5 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆25Mar 26, 2020Updated 6 years ago
- Swap control lioctl with trampoline recording in the .text section☆13Jul 1, 2021Updated 4 years ago
- NT reversal☆25Jul 12, 2018Updated 7 years ago
- A dll injector static library for Win x64 processes with handle elevation supported☆12Mar 28, 2021Updated 5 years ago
- i stole this from some guys private repo on github☆59Jul 11, 2021Updated 4 years ago
- ☆15Feb 5, 2021Updated 5 years ago
- a dumb rpm/wpm example driver☆15Jun 7, 2021Updated 4 years ago
- x64 Windows privilege elevation using anycall☆21May 28, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- hooking KiUserApcDispatcher☆27Apr 3, 2017Updated 9 years ago
- allowing um r/w through km from um ioctl ™☆11Jan 2, 2022Updated 4 years ago
- ☆10Apr 19, 2026Updated 2 weeks ago
- UM-KM Communication using registry callbacks☆39Jun 8, 2020Updated 5 years ago
- This utility allows you to lock every available memory regions of an arbitrary process into its working set.☆72May 6, 2023Updated 3 years ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing…☆14Nov 8, 2020Updated 5 years ago
- Various shellcodes☆12Sep 1, 2020Updated 5 years ago
- NT AUTHORITY\SYSTEM☆44Jul 8, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- External memory hacking class☆25Aug 6, 2023Updated 2 years ago
- ☆23May 28, 2021Updated 4 years ago
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.☆20Jul 31, 2019Updated 6 years ago
- ☆75Dec 17, 2019Updated 6 years ago
- Extended library for using direct system calls on windows☆17Feb 6, 2022Updated 4 years ago
- A method to Disable DSE using .data ptr hooks☆42Feb 1, 2024Updated 2 years ago
- A simple present scene, kernel allocation injector.☆27Jun 12, 2022Updated 3 years ago
- Rendering on external windows via hijacking thread contexts, with notes on ValidateHwnd☆14Jul 9, 2020Updated 5 years ago
- manually map driver for a signed driver memory space☆177Mar 11, 2021Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Simple memory obfuscator.☆23Jul 21, 2022Updated 3 years ago
- A kernel module dumper for Windows x64 using mhyprot vulnerable driver☆37Oct 26, 2020Updated 5 years ago
- A library to manipulate physical memory from usermode.☆302Sep 5, 2023Updated 2 years ago
- r0akmap is a PoC driver manual mapper based on r0ak☆37Aug 18, 2018Updated 7 years ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆51Jan 15, 2021Updated 5 years ago
- External memory library for Windows.☆55May 1, 2022Updated 4 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆74Apr 11, 2022Updated 4 years ago