Alternatives and similar repositories for AntiHook

Users that are interested in AntiHook are comparing it to the libraries listed below

• A-Normal-User / Pretend_HideVirtualMemory
  利用物理内存映射，实现虚拟内存的伪隐藏
  ☆86Updated 3 years ago
• cs1ime / DICHook
  Hook NtDeviceIoControlFile with PatchGuard
  ☆107Updated 3 years ago
• DearXiaoGui / InfinityHookPro-main
  ☆53Updated 3 years ago
• Jhinxs / ntoskrnl
  收集常用windows版本内核文件
  ☆35Updated 2 years ago
• kanren3 / libalpc
  ☆19Updated last year
• smallzhong / kernel_monitor
  一个windows内核驱动分析框架，对内核所有导出函数进行挂钩监控
  ☆68Updated last month
• zhuhuibeishadiao / WskHttp
  Windows kernel drivers simple HTTP library for modern C++
  ☆40Updated 7 years ago
• ilovecsad / veh_hide_memory
  ☆69Updated 3 years ago
• DragonQuestHero / WindowsSyscallsEx
  Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查
  ☆97Updated 2 years ago
• stdhu / windows-kernel-pagehook
  windows kernel pagehook
  ☆40Updated 3 years ago
• wudun7 / UGuardMap
  bootkit驱动映射，三环进程注入加载指定模块
  ☆14Updated last year
• estimated1337 / lenovo_exec
  CVE-2022-3699 with arbitrary kernel code execution capability
  ☆71Updated 3 years ago
• MapleSwan / PageTableHook
  ☆144Updated 3 years ago
• komimoe / llvm2019
  Visual Studio 2019/2022/2026 extension for building C/C++ projects with the LLVM Compiler Toolchain (installed separately).
  ☆26Updated this week
• TimelifeCzy / kHypervisorBasic
  VT Hook
  ☆49Updated last year
• rogxo / search
  A series of methods used to detect kernel shellcode for tencent game safe race 2024
  ☆45Updated last year
• DragonQuestHero / DwmDraw
  不使用3环挂钩进行DWM桌面绘制
  ☆81Updated 4 years ago
• gn277 / ExceptionByInstCallback
  ☆49Updated last year
• kanren3 / minhook-native
  Based on minhook
  ☆34Updated 2 years ago
• Oxygen1a1 / DrvMon
  a monitoring windows driver calls kernel api tools
  ☆123Updated last year
• qq1045551070 / VtToMe
  之前学习X64VT写的代码，很多坑，但是大体的逻辑还是完整的。现发出来给更多想学VT的人参考...
  ☆71Updated 4 years ago
• gmh5225 / warbird-example
  ☆23Updated 2 years ago
• cs1ime / sehcall
  Windows X64 mode use seh in manual mapped dll or manual mapped sys
  ☆77Updated 3 years ago
• IcEy-999 / Kernel-Special-APC-ReadProcessMemory
  Example of reading process memory through kernel special APC
  ☆110Updated 2 years ago
• ThomasonZhao / InfinityHookProMax
  InfinityHookProMax: Make InfinityHook great great again
  ☆49Updated 2 years ago
• Rhydon1337 / windows-kernel-file-delete
  Force a file delete using a windows kernel driver
  ☆72Updated 3 years ago
• fly55555 / ntoskrnl
  大部分常见windows内核文件合集 下方链接里有更多更全面的
  ☆16Updated 2 years ago
• D0pam1ne705 / Direct-NtCreateUserProcess
  Call NtCreateUserProcess directly as normal.
  ☆75Updated 3 years ago
• 2367765883 / hidedriver-normal
  ☆43Updated last year
• IcEy-999 / Ntoskrnl_Viewer
  可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。
  ☆107Updated 3 years ago