mapozyan / etw_hookLinks
etw hook (syscall/infinity hook) compatible with the latest Windows version of PG
☆19Updated last year
Alternatives and similar repositories for etw_hook
Users that are interested in etw_hook are comparing it to the libraries listed below
Sorting:
- ☆53Updated 2 years ago
- 一个windows内核驱动分析框架,对内核所有导出函数进行挂钩监控☆61Updated last month
- ☆38Updated 11 months ago
- ☆46Updated last year
- a monitoring windows driver calls kernel api tools☆118Updated last year
- 不使用3环挂钩进行DWM桌面绘制☆79Updated 3 years ago
- Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查☆96Updated 2 years ago
- EtwHook for win7-win11;☆23Updated 3 years ago
- an encryption library designed for Windows kernel and driver programming☆118Updated 2 years ago
- 远程注入无导入函数dll,自动重定位以后内存加载dll☆48Updated 6 years ago
- ☆80Updated 3 years ago
- 硬件虚拟化☆50Updated last month
- ☆20Updated 2 months ago
- ☆27Updated last year
- ☆70Updated 3 years ago
- InfinityHook 支持Win7 到 Win11 最新版本,虚拟机环境及物理机环境☆89Updated 11 months ago
- Hook NtDeviceIoControlFile with PatchGuard☆108Updated 3 years ago
- Process path modification x64☆57Updated 7 years ago
- This project can bypass most of the AC except for some perverts that enable VT to monitor page tables☆52Updated last year
- VT Hook☆47Updated last year
- ☆138Updated 2 years ago
- Anti-Rootkit & System kernel management tool☆31Updated last week
- 之前学习X64VT写的代码,很多坑,但是大体的逻辑还是完整的。现发出来给更多想学VT的人参考...☆70Updated 4 years ago
- A Memory Read And Write the Hide Driver☆69Updated 4 years ago
- ShotHv☆149Updated 3 years ago
- 让Etwhook再次伟大! Make InfinityHook Great Again!☆143Updated 4 years ago
- Hide Process☆65Updated last year
- Windows kernel drivers simple HTTP library for modern C++☆42Updated 7 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆110Updated 3 years ago
- Windows X64 mode use seh in manual mapped dll or manual mapped sys☆73Updated 2 years ago