Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
☆448Jun 28, 2026Updated this week
Alternatives and similar repositories for ntdoc
Users that are interested in ntdoc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Native API header files for the System Informer project.☆1,431Mar 26, 2026Updated 3 months ago
- Single header version of System Informer's phnt library.☆246Mar 27, 2026Updated 3 months ago
- Windows Explorer application written in assembly☆15Jun 15, 2023Updated 3 years ago
- Windows Object Explorer 64-bit☆1,944Jun 27, 2026Updated last week
- Windows NT Syscall tables☆1,435Jun 19, 2026Updated 2 weeks ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- PE Viewer☆230Jun 11, 2026Updated 3 weeks ago
- Research on obfuscated licensing APIs / CLIP service in the Windows kernel☆142Aug 23, 2022Updated 3 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,366Apr 18, 2026Updated 2 months ago
- Collection of undocumented Windows API declarations.☆359May 30, 2026Updated last month
- "Service-less" driver loading☆189Nov 28, 2024Updated last year
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆675Jan 28, 2025Updated last year
- Perfect DLL Proxying using forwards with absolute paths.☆360Nov 3, 2025Updated 8 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆170Aug 23, 2024Updated last year
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆607Aug 2, 2025Updated 11 months ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Windows Anti-Rootkit Tool☆562Jun 12, 2026Updated 3 weeks ago
- Hook all callbacks which are registered with LdrRegisterDllNotification☆100Apr 3, 2025Updated last year
- Detours with just single dependency - NTDLL☆681Nov 25, 2025Updated 7 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆257Jan 24, 2025Updated last year
- Undocumented MSVC☆49Nov 10, 2025Updated 7 months ago
- Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)☆2,607Dec 30, 2025Updated 6 months ago
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 10 months ago
- miscellaneous scripts and programs☆287May 13, 2026Updated last month
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆246Sep 26, 2023Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Process Injection using Thread Name☆309Apr 18, 2025Updated last year
- Asynchronous Procedure Calls☆247Apr 17, 2021Updated 5 years ago
- KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys☆171Jun 14, 2024Updated 2 years ago
- RPC Monitor tool based on Event Tracing for Windows☆407Aug 19, 2024Updated last year
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆1,059Sep 24, 2023Updated 2 years ago
- Process Monitor X v2☆657Jan 22, 2024Updated 2 years ago
- WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API☆666Jan 23, 2025Updated last year
- Debugger Anti-Detection Benchmark☆412Mar 1, 2026Updated 4 months ago
- An index of Windows binaries, including download links for executables such as exe, dll and sys files☆847Updated this week
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Windows inline hooking tool.☆310Oct 7, 2018Updated 7 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆269Aug 31, 2022Updated 3 years ago
- Windows System Explorer☆889Nov 29, 2025Updated 7 months ago
- My personal cheat sheet for using WinDbg for kernel debugging☆474Apr 17, 2025Updated last year
- Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.☆336Mar 12, 2026Updated 3 months ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated last year
- Archived comments for old pages of The Old New Thing, a userscript to embed them and fix old links☆15Feb 14, 2025Updated last year