m417z/ntdoc external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

m417z/ntdoc

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/m417z/ntdoc)

Close

m417z / ntdocView on GitHubMore

• External links
• Readme badge

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers

☆439Jun 6, 2026Updated last week

Alternatives and similar repositories for ntdoc

Users that are interested in ntdoc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• winsiderss / phnt

  View on GitHub
  Native API header files for the System Informer project.
  ☆1,424Mar 26, 2026Updated 2 months ago
• mrexodia / phnt-single-header

  View on GitHub
  Single header version of System Informer's phnt library.
  ☆243Mar 27, 2026Updated 2 months ago
• Baron-von-Riedesel / ExplASM

  View on GitHub
  Windows Explorer application written in assembly
  ☆15Jun 15, 2023Updated 2 years ago
• hfiref0x / WinObjEx64

  View on GitHub
  Windows Object Explorer 64-bit
  ☆1,935May 30, 2026Updated 2 weeks ago
• hfiref0x / SyscallTables

  View on GitHub
  Windows NT Syscall tables
  ☆1,431Jun 1, 2026Updated last week
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• zodiacon / TotalPE2

  View on GitHub
  PE Viewer
  ☆228Updated this week
• KiFilterFiberContext / windows-software-policy

  View on GitHub
  Research on obfuscated licensing APIs / CLIP service in the Windows kernel
  ☆141Aug 23, 2022Updated 3 years ago
• hasherezade / libpeconv

  View on GitHub
  A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
  ☆1,360Apr 18, 2026Updated last month
• MiroKaku / Musa.Veil

  View on GitHub
  Collection of undocumented Windows API declarations.
  ☆357May 30, 2026Updated 2 weeks ago
• ioncodes / SilentLoad

  View on GitHub
  "Service-less" driver loading
  ☆188Nov 28, 2024Updated last year
• can1357 / NtRays

  View on GitHub
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆673Jan 28, 2025Updated last year
• mrexodia / perfect-dll-proxy

  View on GitHub
  Perfect DLL Proxying using forwards with absolute paths.
  ☆359Nov 3, 2025Updated 7 months ago
• Dump-GUY / IDA_PHNT_TYPES

  View on GitHub
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆170Aug 23, 2024Updated last year
• eversinc33 / Banshee

  View on GitHub
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆605Aug 2, 2025Updated 10 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• BeneficialCode / WinArk

  View on GitHub
  Windows Anti-Rootkit Tool
  ☆561May 9, 2026Updated last month
• m417z / LdrDllNotificationHook

  View on GitHub
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆100Apr 3, 2025Updated last year
• wbenny / DetoursNT

  View on GitHub
  Detours with just single dependency - NTDLL
  ☆680Nov 25, 2025Updated 6 months ago
• SamuelTulach / HookGuard

  View on GitHub
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆256Jan 24, 2025Updated last year
• assarbad / msvc-undoc

  View on GitHub
  Undocumented MSVC
  ☆49Nov 10, 2025Updated 7 months ago
• j00ru / windows-syscalls

  View on GitHub
  Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)
  ☆2,604Dec 30, 2025Updated 5 months ago
• hasherezade / waiting_thread_hijacking

  View on GitHub
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆264Aug 31, 2025Updated 9 months ago
• rad9800 / misc

  View on GitHub
  miscellaneous scripts and programs
  ☆286May 13, 2026Updated last month
• Idov31 / Jormungandr

  View on GitHub
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆246Sep 26, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• hasherezade / thread_namecalling

  View on GitHub
  Process Injection using Thread Name
  ☆308Apr 18, 2025Updated last year
• 3gstudent / Inject-dll-by-APC

  View on GitHub
  Asynchronous Procedure Calls
  ☆241Apr 17, 2021Updated 5 years ago
• 0mWindyBug / KDP-compatible-driver-loader

  View on GitHub
  KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
  ☆170Jun 14, 2024Updated 2 years ago
• cyberark / RPCMon

  View on GitHub
  RPC Monitor tool based on Event Tracing for Windows
  ☆403Aug 19, 2024Updated last year
• silverf0x / RpcView

  View on GitHub
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆1,057Sep 24, 2023Updated 2 years ago
• zodiacon / ProcMonXv2

  View on GitHub
  Process Monitor X v2
  ☆656Jan 22, 2024Updated 2 years ago
• x86matthew / WinVisor

  View on GitHub
  WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API
  ☆666Jan 23, 2025Updated last year
• hfiref0x / WubbabooMark

  View on GitHub
  Debugger Anti-Detection Benchmark
  ☆410Mar 1, 2026Updated 3 months ago
• m417z / winbindex

  View on GitHub
  An index of Windows binaries, including download links for executables such as exe, dll and sys files
  ☆836Updated this week
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• adrianyy / kernelhook

  View on GitHub
  Windows inline hooking tool.
  ☆310Oct 7, 2018Updated 7 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆272Aug 31, 2022Updated 3 years ago
• zodiacon / SystemExplorer

  View on GitHub
  Windows System Explorer
  ☆887Nov 29, 2025Updated 6 months ago
• repnz / windbg-cheat-sheet

  View on GitHub
  My personal cheat sheet for using WinDbg for kernel debugging
  ☆472Apr 17, 2025Updated last year
• eversinc33 / unKover

  View on GitHub
  Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.
  ☆334Mar 12, 2026Updated 3 months ago
• AmitMoshel1 / PatchGuardEncryptorDriver

  View on GitHub
  A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆78Mar 29, 2025Updated last year
• m417z / the-old-new-thing-userscript

  View on GitHub
  Archived comments for old pages of The Old New Thing, a userscript to embed them and fix old links
  ☆15Feb 14, 2025Updated last year