kubo / funchook
Hook function calls by inserting jump instructions at runtime
☆682Updated 11 months ago
Alternatives and similar repositories for funchook:
Users that are interested in funchook are comparing it to the libraries listed below
- Library for injecting a shared library into a Linux or Windows process☆554Updated last year
- Hook function calls by replacing PLT(Procedure Linkage Table) entries.☆805Updated 7 months ago
- Detours with just single dependency - NTDLL☆620Updated 2 years ago
- C++20, x86/x64 Hooking Libary v2.0☆1,667Updated this week
- pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers☆850Updated 7 months ago
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC☆1,206Updated 11 months ago
- The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support☆739Updated last year
- Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.☆829Updated 10 months ago
- Monitoring and controlling kernel API calls with stealth hook using EPT☆1,232Updated 3 years ago
- A bunch of Windows anti-debugging tricks for x86 and x64.☆779Updated 3 years ago
- Virtual-machine Translation Intermediate Language☆1,386Updated last year
- Tool for PDB generation from IDA Pro database☆576Updated 5 months ago
- PDBRipper is a utility for extract an information from PDB-files.☆826Updated this week
- heavily vectorized c++17 compile time string encryption.☆1,283Updated 3 years ago
- Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.☆961Updated 2 years ago
- COFF and Portable Executable format described using standard C++ with no dependencies.☆278Updated last month
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,189Updated 3 weeks ago
- VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.☆799Updated 4 years ago
- Principled, lightweight C/C++ PE parser☆825Updated 4 months ago
- BeaEngine disasm project☆531Updated 4 years ago
- makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]☆738Updated 6 years ago
- Windows NT Syscall tables☆1,258Updated 2 months ago
- Inline syscalls made easy for windows on clang☆698Updated 9 months ago
- x86/x64 C++ Hooking Library☆901Updated 4 years ago
- A library for loading dll module bypassing windows PE loader from memory (x86/x64)☆545Updated last year
- bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, des…☆941Updated last week
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.☆861Updated 5 years ago
- IDAPython tool for creating automatic C++ virtual tables in IDA Pro☆1,309Updated 3 years ago
- Simple x86-64 VT-x Hypervisor with EPT Hooking☆881Updated last year
- Hook system calls, context switches, page faults and more.☆2,513Updated last year