m417z/ntdoc external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

m417z/ntdoc

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/m417z/ntdoc)

Close

m417z / ntdocView on GitHubMore

• External links
• Readme badge

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers

☆389Feb 23, 2026Updated last week

Alternatives and similar repositories for ntdoc

Users that are interested in ntdoc are comparing it to the libraries listed below

• winsiderss / phnt

  View on GitHub
  Native API header files for the System Informer project.
  ☆1,347May 25, 2025Updated 9 months ago
• Baron-von-Riedesel / ExplASM

  View on GitHub
  Windows Explorer application written in assembly
  ☆15Jun 15, 2023Updated 2 years ago
• hfiref0x / WinObjEx64

  View on GitHub
  Windows Object Explorer 64-bit
  ☆1,886Feb 10, 2026Updated 2 weeks ago
• mrexodia / phnt-single-header

  View on GitHub
  Single header version of System Informer's phnt library.
  ☆241Jan 9, 2026Updated last month
• zodiacon / TotalPE2

  View on GitHub
  PE Viewer
  ☆210Jan 24, 2026Updated last month
• hfiref0x / SyscallTables

  View on GitHub
  Windows NT Syscall tables
  ☆1,388Dec 31, 2025Updated 2 months ago
• can1357 / NtRays

  View on GitHub
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆657Jan 28, 2025Updated last year
• KiFilterFiberContext / windows-software-policy

  View on GitHub
  Research on obfuscated licensing APIs / CLIP service in the Windows kernel
  ☆139Aug 23, 2022Updated 3 years ago
• SamuelTulach / HookGuard

  View on GitHub
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆228Jan 24, 2025Updated last year
• AmitMoshel1 / PatchGuardEncryptorDriver

  View on GitHub
  A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆78Mar 29, 2025Updated 11 months ago
• Dump-GUY / IDA_PHNT_TYPES

  View on GitHub
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆163Aug 23, 2024Updated last year
• mrexodia / perfect-dll-proxy

  View on GitHub
  Perfect DLL Proxying using forwards with absolute paths.
  ☆338Nov 3, 2025Updated 3 months ago
• MiroKaku / Musa.Veil

  View on GitHub
  Collection of undocumented Windows API declarations.
  ☆343Jan 22, 2026Updated last month
• Cr4sh / KernelForge

  View on GitHub
  A library to develop kernel level Windows payloads for post HVCI era
  ☆486May 18, 2021Updated 4 years ago
• P1tt1cus / FastSymApi

  View on GitHub
  FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.
  ☆19Feb 12, 2026Updated 2 weeks ago
• Idov31 / Jormungandr

  View on GitHub
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆242Sep 26, 2023Updated 2 years ago
• wbenny / DetoursNT

  View on GitHub
  Detours with just single dependency - NTDLL
  ☆672Nov 25, 2025Updated 3 months ago
• BeneficialCode / WinArk

  View on GitHub
  Windows Anti-Rootkit Tool
  ☆546Dec 31, 2025Updated 2 months ago
• eversinc33 / Banshee

  View on GitHub
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆590Aug 2, 2025Updated 7 months ago
• zodiacon / ProcMonXv2

  View on GitHub
  Process Monitor X v2
  ☆648Jan 22, 2024Updated 2 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆268Aug 31, 2022Updated 3 years ago
• hasherezade / libpeconv

  View on GitHub
  A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
  ☆1,331Oct 31, 2025Updated 4 months ago
• hfiref0x / WubbabooMark

  View on GitHub
  Debugger Anti-Detection Benchmark
  ☆382Jan 11, 2026Updated last month
• ramensoftware / windhawk-symbol-helper

  View on GitHub
  A tool to get symbols from executables to help with Windhawk mod development
  ☆27May 3, 2025Updated 9 months ago
• m417z / LdrDllNotificationHook

  View on GitHub
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆96Apr 3, 2025Updated 10 months ago
• cyberark / RPCMon

  View on GitHub
  RPC Monitor tool based on Event Tracing for Windows
  ☆384Aug 19, 2024Updated last year
• assarbad / msvc-undoc

  View on GitHub
  Undocumented MSVC
  ☆43Nov 10, 2025Updated 3 months ago
• rad9800 / misc

  View on GitHub
  miscellaneous scripts and programs
  ☆277Jan 23, 2025Updated last year
• 0mWindyBug / KDP-compatible-driver-loader

  View on GitHub
  KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
  ☆165Jun 14, 2024Updated last year
• repnz / windbg-cheat-sheet

  View on GitHub
  My personal cheat sheet for using WinDbg for kernel debugging
  ☆453Apr 17, 2025Updated 10 months ago
• zodiacon / SystemExplorer

  View on GitHub
  Windows System Explorer
  ☆878Nov 29, 2025Updated 3 months ago
• mactec0 / Kernelmode-manual-mapping-through-IAT

  View on GitHub
  Manual mapping without creating any threads, with rw only access
  ☆805Oct 29, 2019Updated 6 years ago
• adrianyy / kernelhook

  View on GitHub
  Windows inline hooking tool.
  ☆298Oct 7, 2018Updated 7 years ago
• Colton1skees / Dna

  View on GitHub
  LLVM based static binary analysis framework
  ☆302Apr 2, 2025Updated 11 months ago
• silverf0x / RpcView

  View on GitHub
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆1,043Sep 24, 2023Updated 2 years ago
• can1357 / ByePg

  View on GitHub
  Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.
  ☆902Nov 21, 2019Updated 6 years ago
• zeze-zeze / ioctlance

  View on GitHub
  A tool that is used to hunt vulnerabilities in x64 WDM drivers
  ☆441Dec 7, 2025Updated 2 months ago
• snowsnowsnows / EagleVM

  View on GitHub
  Native code virtualizer for x64 binaries
  ☆517Dec 20, 2024Updated last year
• HoShiMin / formatPE

  View on GitHub
  A bunch of parsers for PE and PDB formats in C++
  ☆267May 15, 2024Updated last year