Alternatives and similar repositories for API-Hooking:

Users that are interested in API-Hooking are comparing it to the libraries listed below

• SaltedFishBayonet / Windows-Kernel-Crypto
  Windows kernel driver encryption library, support base64, aes-256, rsa-2048 and higher, ecc-256, single file, minimal dependence, support…
  ☆21Updated 3 years ago
• SweetIceLolly / Prevent_File_Deletion
  Record & prevent file deletion in kernel mode
  ☆41Updated 4 years ago
• shaygitub / windows-rootkit
  windows rootkit
  ☆55Updated 8 months ago
• ssyuqixe / obfCoder
  A simple program to obfuscate code written in cpp.
  ☆47Updated 8 months ago
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆34Updated last year
• bytesundso / SneakCalls
  direct systemcalls with a modern c++20 interface.
  ☆42Updated 2 years ago
• hid3rx / GhostWriting
  ☆22Updated last year
• singlefreshBird / Rootkit
  Rookit and anti rookit on Windows platform
  ☆13Updated 8 months ago
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆49Updated last year
• st4ckh0und / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆30Updated 2 years ago
• IlayTheVuln / Kernelious-Rootkit
  a dkom rootkit that targets windows x64 systems. the rootkit hooks and edits criticl memory sections in order to hide different resources…
  ☆18Updated last year
• 0mWindyBug / MinifilterHook
  silence file system monitoring components by hooking their minifilters
  ☆55Updated 11 months ago
• je5442804 / NtCreateUserProcess-Post
  NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version
  ☆26Updated 6 months ago
• android1337 / crycall
  Compile-Time Calls Obfuscator for C++14+
  ☆37Updated last year
• MahmoudZohdy / Anti-Analysis-DebuggerInjection
  Anti-Analysis technique, trick the debugger by Hiding events from it.
  ☆19Updated 3 years ago
• 66flags / inline-syscall
  A simple direct syscall wrapper written in C++ with compatibility for x86 and x64 programs.
  ☆43Updated last year
• idiotc4t / Mapping-injection
  NO WriteProcessMemory CreateRemoteThread APIs call shellcode injection
  ☆27Updated 4 years ago
• jdu2600 / EtwTi-FluctuationMonitor
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆106Updated last year
• msmania / hk
  Injector with kernel power
  ☆16Updated 4 years ago
• D0pam1ne705 / Direct-NtCreateUserProcess
  Call NtCreateUserProcess directly as normal.
  ☆68Updated 2 years ago
• je5442804 / CreateProcessInternalW-Full
  Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post
  ☆54Updated 4 months ago
• NewWorldComingSoon / UnknownField
  UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.
  ☆44Updated last year
• Cc28256 / ObfuscateP
  编译时混淆字符串，以确保生成的二进制PE不会暴漏明文字符串。（C++ 14 及以上）
  ☆26Updated 3 years ago
• Broihon / StartRoutine
  A library with four different methods to execute shellcode in a process
  ☆24Updated 4 years ago
• whitephone / Windows-Rootkits
  ☆26Updated 7 years ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆84Updated last year
• ZaweSec / KasperskyHook_NewKSDriver
  ☆33Updated last year
• xiaoxiaozhu5 / shadow_tls
  shadow tls
  ☆17Updated 2 years ago
• jdu2600 / Etw-SyscallMonitor
  Monitors ETW for security relevant syscalls maintaining the set called by each unique process
  ☆54Updated last year