Alternatives and similar repositories for API-Hooking

Users that are interested in API-Hooking are comparing it to the libraries listed below

• GoodstudyChina / APC-injection-x86-x64
  ☆74Updated 7 years ago
• shaygitub / windows-rootkit
  windows rootkit
  ☆60Updated last year
• je5442804 / CreateProcessInternalW-Full
  Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post
  ☆77Updated last year
• void-stack / Hypervisor-Detection
  Detects virtual machines and malware analysis environments
  ☆146Updated 3 years ago
• Speedi13 / Custom-GetProcAddress-and-GetModuleHandle-and-more
  Custom GetProcAddress, GetModuleHandleA and some dbghelp.dll functions
  ☆86Updated 6 years ago
• 0mWindyBug / MinifilterHook
  silence file system monitoring components by hooking their minifilters
  ☆59Updated 2 years ago
• 0mWindyBug / KernelInjector
  PoC kernel to usermode injection
  ☆103Updated last year
• android1337 / crycall
  Compile-Time Calls Obfuscator for C++14+
  ☆51Updated 2 years ago
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆38Updated 2 years ago
• TheAenema / hm-pe-packer
  A x64 PE Packer/Protector Developed in C++ and VisualStudio
  ☆55Updated 2 years ago
• 4l3x777 / dse_pg_bypass
  DSE & PG bypass via BYOVD attack
  ☆77Updated 6 months ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆96Updated 10 months ago
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆132Updated 2 years ago
• jnastarot / furikuri
  too busy for that all, furikuri is framework for code protection
  ☆164Updated 6 years ago
• sapdragon / syscalls-cpp
  A modern C++20 header-only library for advanced direct system call invocation.
  ☆165Updated 3 weeks ago
• Fatmike-GH / PELoader
  A Windows PE loader / manual mapper for executables (x86 and x64) with full TLS (Thread Local Storage) support.
  ☆84Updated 3 months ago
• notcpuid / pe-packer
  x86-x64 Packer with Portable Executable compatibility.
  ☆100Updated last month
• A-Normal-User / NtSocket_NtClient_NtServer
  Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock（利用NtCreateFile和NtDeviceIoControlFile 实现winsock的功能）
  ☆127Updated 3 years ago
• fengjixuchui / khaleesi
  Anti-debug library based on al-khaser with ScyllaHide/TitanHide detection.
  ☆63Updated 6 years ago
• huoji120 / CowInjecter
  滥用cow机制进行全局注入
  ☆99Updated 5 years ago
• android1337 / crystr
  Compile-Time Strings and Numbers Encryption for C++20
  ☆58Updated 11 months ago
• hMihaiDavid / addscn
  Add an empty section to a PE file
  ☆53Updated 8 years ago
• SaulBerrenson / WinApiObfuscator
  Header only library for obfuscation import winapi functions.
  ☆43Updated 11 months ago
• je5442804 / NtCreateUserProcess-Post
  NtCreateUserProcess with CsrClientCallServer for mainstream Windows x64 version
  ☆42Updated last year
• MahmoudZohdy / APICallProxy
  Windows API Call Obfuscation
  ☆112Updated 3 years ago
• TomashuTTTT7 / Hidecall
  Hide function calls to prevent reverse-engineering
  ☆74Updated 4 years ago
• zer0condition / checkhv_um
  tests to catch some sloppy hv impls
  ☆32Updated last month
• danielkrupinski / KernelProcessList
  Example Windows Kernel-mode Driver which enumerates running processes.
  ☆60Updated 3 years ago
• DownWithUp / ALPC-Example
  An example of a client and server using Windows' ALPC functions to send and receive data.
  ☆115Updated last year
• amitschendel / venom-rootkit
  A simple Windows kernel rootkit.
  ☆96Updated 8 months ago