kubo / funchookLinks
Hook function calls by inserting jump instructions at runtime
☆689Updated last year
Alternatives and similar repositories for funchook
Users that are interested in funchook are comparing it to the libraries listed below
Sorting:
- Library for injecting a shared library into a Linux or Windows process☆574Updated last year
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC☆1,228Updated last year
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,222Updated last week
- The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support☆746Updated last month
- Detours with just single dependency - NTDLL☆645Updated 2 years ago
- Hook system calls, context switches, page faults and more.☆2,544Updated 2 years ago
- A bunch of Windows anti-debugging tricks for x86 and x64.☆785Updated 4 years ago
- C++20, x86/x64 Hooking Libary v2.0☆1,705Updated 2 months ago
- heavily vectorized c++17 compile time string encryption.☆1,314Updated 3 years ago
- Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.☆844Updated last year
- A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.☆574Updated 3 years ago
- Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.☆973Updated 2 years ago
- Inline syscalls made easy for windows on clang☆706Updated 11 months ago
- Tool for PDB generation from IDA Pro database☆587Updated 7 months ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆807Updated last year
- pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers☆861Updated 9 months ago
- IDAPython tool for creating automatic C++ virtual tables in IDA Pro☆1,326Updated 3 years ago
- A library for loading dll module bypassing windows PE loader from memory (x86/x64)☆552Updated last year
- Hook function calls by replacing PLT(Procedure Linkage Table) entries.☆813Updated 9 months ago
- makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]☆741Updated 6 years ago
- PDBRipper is a utility for extract an information from PDB-files.☆839Updated this week
- library for importing functions from dlls in a hidden, reverse engineer unfriendly way☆1,765Updated last year
- Monitoring and controlling kernel API calls with stealth hook using EPT☆1,256Updated 3 years ago
- Principled, lightweight C/C++ PE parser☆843Updated 6 months ago
- Virtual-machine Translation Intermediate Language☆1,400Updated last year
- Windows NT Syscall tables☆1,288Updated last month
- Simple x86-64 VT-x Hypervisor with EPT Hooking☆896Updated 2 years ago
- TitanEngine Community Edition. Debug engine used by x64dbg.☆425Updated 2 weeks ago
- Turn off PatchGuard in real time for win7 (7600) ~ later☆1,012Updated 3 years ago
- A private Lumina server for IDA Pro☆1,001Updated 7 months ago