m417z/ntdoc external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

m417z/ntdoc

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/m417z/ntdoc)

Close

m417z / ntdocView on GitHubMore

• External links
• Readme badge

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers

☆428May 17, 2026Updated last week

Alternatives and similar repositories for ntdoc

Users that are interested in ntdoc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• winsiderss / phnt

  View on GitHub
  Native API header files for the System Informer project.
  ☆1,412Mar 26, 2026Updated last month
• mrexodia / phnt-single-header

  View on GitHub
  Single header version of System Informer's phnt library.
  ☆242Mar 27, 2026Updated last month
• Baron-von-Riedesel / ExplASM

  View on GitHub
  Windows Explorer application written in assembly
  ☆15Jun 15, 2023Updated 2 years ago
• hfiref0x / WinObjEx64

  View on GitHub
  Windows Object Explorer 64-bit
  ☆1,922Mar 22, 2026Updated 2 months ago
• hfiref0x / SyscallTables

  View on GitHub
  Windows NT Syscall tables
  ☆1,419May 9, 2026Updated 2 weeks ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• zodiacon / TotalPE2

  View on GitHub
  PE Viewer
  ☆223Updated this week
• KiFilterFiberContext / windows-software-policy

  View on GitHub
  Research on obfuscated licensing APIs / CLIP service in the Windows kernel
  ☆140Aug 23, 2022Updated 3 years ago
• hasherezade / libpeconv

  View on GitHub
  A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
  ☆1,358Apr 18, 2026Updated last month
• MiroKaku / Musa.Veil

  View on GitHub
  Collection of undocumented Windows API declarations.
  ☆350Updated this week
• ioncodes / SilentLoad

  View on GitHub
  "Service-less" driver loading
  ☆186Nov 28, 2024Updated last year
• can1357 / NtRays

  View on GitHub
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆666Jan 28, 2025Updated last year
• mrexodia / perfect-dll-proxy

  View on GitHub
  Perfect DLL Proxying using forwards with absolute paths.
  ☆353Nov 3, 2025Updated 6 months ago
• Dump-GUY / IDA_PHNT_TYPES

  View on GitHub
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆170Aug 23, 2024Updated last year
• BeneficialCode / WinArk

  View on GitHub
  Windows Anti-Rootkit Tool
  ☆560May 9, 2026Updated 2 weeks ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• eversinc33 / Banshee

  View on GitHub
  Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.
  ☆602Aug 2, 2025Updated 9 months ago
• m417z / LdrDllNotificationHook

  View on GitHub
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆99Apr 3, 2025Updated last year
• wbenny / DetoursNT

  View on GitHub
  Detours with just single dependency - NTDLL
  ☆680Nov 25, 2025Updated 6 months ago
• SamuelTulach / HookGuard

  View on GitHub
  Hooking Windows' exception dispatcher to protect process's PML4
  ☆250Jan 24, 2025Updated last year
• assarbad / msvc-undoc

  View on GitHub
  Undocumented MSVC
  ☆46Nov 10, 2025Updated 6 months ago
• hasherezade / waiting_thread_hijacking

  View on GitHub
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆264Aug 31, 2025Updated 8 months ago
• j00ru / windows-syscalls

  View on GitHub
  Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)
  ☆2,595Dec 30, 2025Updated 4 months ago
• rad9800 / misc

  View on GitHub
  miscellaneous scripts and programs
  ☆286May 13, 2026Updated last week
• Idov31 / Jormungandr

  View on GitHub
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆245Sep 26, 2023Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• hasherezade / thread_namecalling

  View on GitHub
  Process Injection using Thread Name
  ☆309Apr 18, 2025Updated last year
• 3gstudent / Inject-dll-by-APC

  View on GitHub
  Asynchronous Procedure Calls
  ☆238Apr 17, 2021Updated 5 years ago
• 0mWindyBug / KDP-compatible-driver-loader

  View on GitHub
  KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys
  ☆168Jun 14, 2024Updated last year
• cyberark / RPCMon

  View on GitHub
  RPC Monitor tool based on Event Tracing for Windows
  ☆394Aug 19, 2024Updated last year
• silverf0x / RpcView

  View on GitHub
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆1,057Sep 24, 2023Updated 2 years ago
• zodiacon / ProcMonXv2

  View on GitHub
  Process Monitor X v2
  ☆656Jan 22, 2024Updated 2 years ago
• x86matthew / WinVisor

  View on GitHub
  WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API
  ☆665Jan 23, 2025Updated last year
• hfiref0x / WubbabooMark

  View on GitHub
  Debugger Anti-Detection Benchmark
  ☆402Mar 1, 2026Updated 2 months ago
• m417z / winbindex

  View on GitHub
  An index of Windows binaries, including download links for executables such as exe, dll and sys files
  ☆826Updated this week
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• adrianyy / kernelhook

  View on GitHub
  Windows inline hooking tool.
  ☆310Oct 7, 2018Updated 7 years ago
• KiFilterFiberContext / warbird-hook

  View on GitHub
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆270Aug 31, 2022Updated 3 years ago
• zodiacon / SystemExplorer

  View on GitHub
  Windows System Explorer
  ☆884Nov 29, 2025Updated 5 months ago
• repnz / windbg-cheat-sheet

  View on GitHub
  My personal cheat sheet for using WinDbg for kernel debugging
  ☆466Apr 17, 2025Updated last year
• eversinc33 / unKover

  View on GitHub
  Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.
  ☆326Mar 12, 2026Updated 2 months ago
• AmitMoshel1 / PatchGuardEncryptorDriver

  View on GitHub
  A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆78Mar 29, 2025Updated last year
• m417z / the-old-new-thing-userscript

  View on GitHub
  Archived comments for old pages of The Old New Thing, a userscript to embed them and fix old links
  ☆15Feb 14, 2025Updated last year