Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
☆421May 3, 2026Updated this week
Alternatives and similar repositories for ntdoc
Users that are interested in ntdoc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Native API header files for the System Informer project.☆1,398Mar 26, 2026Updated last month
- Single header version of System Informer's phnt library.☆242Mar 27, 2026Updated last month
- Windows Explorer application written in assembly☆15Jun 15, 2023Updated 2 years ago
- Windows Object Explorer 64-bit☆1,915Mar 22, 2026Updated last month
- Windows NT Syscall tables☆1,411Apr 7, 2026Updated 3 weeks ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- PE Viewer☆220Jan 24, 2026Updated 3 months ago
- Research on obfuscated licensing APIs / CLIP service in the Windows kernel☆140Aug 23, 2022Updated 3 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,353Apr 18, 2026Updated 2 weeks ago
- Collection of undocumented Windows API declarations.☆347Apr 26, 2026Updated last week
- "Service-less" driver loading☆186Nov 28, 2024Updated last year
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆662Jan 28, 2025Updated last year
- Perfect DLL Proxying using forwards with absolute paths.☆348Nov 3, 2025Updated 6 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆169Aug 23, 2024Updated last year
- Windows Anti-Rootkit Tool☆558Apr 21, 2026Updated last week
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆595Aug 2, 2025Updated 9 months ago
- Hook all callbacks which are registered with LdrRegisterDllNotification☆97Apr 3, 2025Updated last year
- Undocumented MSVC☆45Nov 10, 2025Updated 5 months ago
- Detours with just single dependency - NTDLL☆679Nov 25, 2025Updated 5 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆242Jan 24, 2025Updated last year
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 8 months ago
- Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)☆2,578Dec 30, 2025Updated 4 months ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆244Sep 26, 2023Updated 2 years ago
- miscellaneous scripts and programs☆281Jan 23, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Process Injection using Thread Name☆309Apr 18, 2025Updated last year
- Asynchronous Procedure Calls☆242Apr 17, 2021Updated 5 years ago
- KDP compatible unsigned driver loader leveraging a write primitive in one of the IOCTLs of gdrv.sys☆168Jun 14, 2024Updated last year
- RPC Monitor tool based on Event Tracing for Windows☆392Aug 19, 2024Updated last year
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆1,053Sep 24, 2023Updated 2 years ago
- Process Monitor X v2☆654Jan 22, 2024Updated 2 years ago
- Debugger Anti-Detection Benchmark☆398Mar 1, 2026Updated 2 months ago
- WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API☆661Jan 23, 2025Updated last year
- An index of Windows binaries, including download links for executables such as exe, dll and sys files☆810Updated this week
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Windows inline hooking tool.☆310Oct 7, 2018Updated 7 years ago
- My personal cheat sheet for using WinDbg for kernel debugging☆463Apr 17, 2025Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆267Aug 31, 2022Updated 3 years ago
- Windows System Explorer☆884Nov 29, 2025Updated 5 months ago
- Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.☆324Mar 12, 2026Updated last month
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated last year
- Reverse engineering winapi function loadlibrary.☆240Apr 17, 2023Updated 3 years ago