Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
☆404Apr 13, 2026Updated this week
Alternatives and similar repositories for ntdoc
Users that are interested in ntdoc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Native API header files for the System Informer project.☆1,379Mar 26, 2026Updated 2 weeks ago
- Single header version of System Informer's phnt library.☆241Mar 27, 2026Updated 2 weeks ago
- Windows Explorer application written in assembly☆15Jun 15, 2023Updated 2 years ago
- Windows Object Explorer 64-bit☆1,906Mar 22, 2026Updated 3 weeks ago
- Windows NT Syscall tables☆1,403Apr 7, 2026Updated last week
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- PE Viewer☆216Jan 24, 2026Updated 2 months ago
- Research on obfuscated licensing APIs / CLIP service in the Windows kernel☆140Aug 23, 2022Updated 3 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,348Updated this week
- Collection of undocumented Windows API declarations.☆344Mar 29, 2026Updated 2 weeks ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆662Jan 28, 2025Updated last year
- Perfect DLL Proxying using forwards with absolute paths.☆345Nov 3, 2025Updated 5 months ago
- Windows Anti-Rootkit Tool☆550Dec 31, 2025Updated 3 months ago
- "Service-less" driver loading☆185Nov 28, 2024Updated last year
- Hook all callbacks which are registered with LdrRegisterDllNotification☆97Apr 3, 2025Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Undocumented MSVC☆45Nov 10, 2025Updated 5 months ago
- Detours with just single dependency - NTDLL☆677Nov 25, 2025Updated 4 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆239Jan 24, 2025Updated last year
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆594Aug 2, 2025Updated 8 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆168Aug 23, 2024Updated last year
- Asynchronous Procedure Calls☆241Apr 17, 2021Updated 4 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆243Sep 26, 2023Updated 2 years ago
- miscellaneous scripts and programs☆278Jan 23, 2025Updated last year
- KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys☆166Jun 14, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)☆2,560Dec 30, 2025Updated 3 months ago
- Process Monitor X v2☆652Jan 22, 2024Updated 2 years ago
- Debugger Anti-Detection Benchmark☆394Mar 1, 2026Updated last month
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 7 months ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆1,051Sep 24, 2023Updated 2 years ago
- Windows inline hooking tool.☆302Oct 7, 2018Updated 7 years ago
- Process Injection using Thread Name☆308Apr 18, 2025Updated 11 months ago
- RPC Monitor tool based on Event Tracing for Windows☆390Aug 19, 2024Updated last year
- My personal cheat sheet for using WinDbg for kernel debugging☆455Apr 17, 2025Updated 11 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆268Aug 31, 2022Updated 3 years ago
- WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API☆656Jan 23, 2025Updated last year
- An index of Windows binaries, including download links for executables such as exe, dll and sys files☆788Updated this week
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated last year
- Manual mapping without creating any threads, with rw only access☆810Oct 29, 2019Updated 6 years ago
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.☆19Feb 12, 2026Updated 2 months ago
- A library to develop kernel level Windows payloads for post HVCI era☆497May 18, 2021Updated 4 years ago