Alternatives and similar repositories for ntdoc

Users that are interested in ntdoc are comparing it to the libraries listed below

• MiroKaku / Musa.Veil
  Collection of undocumented Windows API declarations.
  ☆314Updated last month
• mrexodia / phnt-single-header
  Single header version of System Informer's phnt library.
  ☆217Updated last week
• hfiref0x / WubbabooMark
  Debugger Anti-Detection Benchmark
  ☆332Updated last year
• czs108 / Windows-PE-Packer
  🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engine…
  ☆340Updated 6 months ago
• anzelesnik / SyscallHook
  System call hook for Windows 10 20H1
  ☆487Updated 3 years ago
• vxlang / vxlang-page
  protector & obfuscator & code virtualizer
  ☆524Updated this week
• JustasMasiulis / inline_syscall
  Inline syscalls made easy for windows on clang
  ☆703Updated 10 months ago
• x86matthew / WinVisor
  WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API
  ☆567Updated 3 months ago
• JustasMasiulis / wow64pp
  A modern c++ implementation of windows heavens gate
  ☆222Updated 4 years ago
• ryan-weil / HideProcessHook
  DLL that hooks the NtQuerySystemInformation API and hides a process name
  ☆288Updated 2 years ago
• Xyrem / HyperDeceit
  HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…
  ☆362Updated last year
• adrianyy / kernelhook
  Windows inline hooking tool.
  ☆268Updated 6 years ago
• can1357 / NtRays
  Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
  ☆598Updated 3 months ago
• notpidgey / EagleVM
  Native code virtualizer for x64 binaries
  ☆484Updated 4 months ago
• crvvdev / MasterHide
  A x64 Windows Rootkit using SSDT or Hypervisor hook
  ☆536Updated 4 months ago
• ElliotKillick / operating-system-design-review
  Operating System Design Review: A systemic analysis of modern systems architecture
  ☆312Updated 2 months ago
• guidedhacking / GH_AntiDebug_Bypass_Practice_Tool
  Guided Hacking's official tool to practice bypassing anti-debug techniques.
  ☆253Updated last week
• Cracked5pider / LdrLibraryEx
  A small x64 library to load dll's into memory.
  ☆437Updated last year
• hfiref0x / NtCall64
  Windows NT x64 syscall fuzzer
  ☆605Updated last year
• connorjaydunn / BinaryShield
  An x86-64 Code Virtualizer
  ☆258Updated 7 months ago
• VoidSec / DriverBuddyReloaded
  Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks
  ☆356Updated 6 months ago
• NullArray / WinKernel-Resources
  A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …
  ☆143Updated 2 years ago
• can1357 / linux-pe
  COFF and Portable Executable format described using standard C++ with no dependencies.
  ☆279Updated 3 weeks ago
• VergiliusProject / vergilius-project
  This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially docum…
  ☆203Updated 3 months ago
• can1357 / selene
  Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!
  ☆337Updated 3 weeks ago
• Cr4sh / KernelForge
  A library to develop kernel level Windows payloads for post HVCI era
  ☆405Updated 3 years ago
• can1357 / hvdetecc
  Collection of hypervisor detections
  ☆236Updated 7 months ago
• Xyrem / Yumekage
  Demo proof of concept for shadow regions, and implementation of HyperDeceit.
  ☆277Updated last year
• zodiacon / TotalPE2
  PE Viewer
  ☆179Updated 3 months ago
• zodiacon / windowskernelprogrammingbook2e
  Samples for the book Windows Kernel Programming, 2nd edition
  ☆332Updated 4 months ago