Alternatives and similar repositories for etw_hook

Users that are interested in etw_hook are comparing it to the libraries listed below

• smallzhong / kernel_monitor
  一个windows内核驱动分析框架，对内核所有导出函数进行挂钩监控
  ☆69Updated 2 months ago
• DearXiaoGui / InfinityHookPro-main
  ☆56Updated 3 years ago
• 2367765883 / hidedriver-normal
  ☆45Updated last year
• Oxygen1a1 / DrvMon
  a monitoring windows driver calls kernel api tools
  ☆126Updated last year
• DragonQuestHero / DwmDraw
  不使用3环挂钩进行DWM桌面绘制
  ☆82Updated 4 years ago
• DragonQuestHero / WindowsSyscallsEx
  Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查
  ☆97Updated 2 years ago
• Kerrbty / RemoteLoadDll
  远程注入无导入函数dll，自动重定位以后内存加载dll
  ☆49Updated 6 years ago
• gn277 / ExceptionByInstCallback
  ☆51Updated last year
• Oxygen1a1 / kcrypt
  an encryption library designed for Windows kernel and driver programming
  ☆124Updated 2 years ago
• ilovecsad / Ark
  ☆81Updated 3 years ago
• Oxygen1a1 / InfinityHookClass
  EtwHook for win7-win11;
  ☆23Updated 3 years ago
• si1kyyy / Read-Write-Driver-2.0
  （communication detected）a kernel driver for game cheater. includes read&write memory / key&mouse simulator / kernel DWM render / process …
  ☆110Updated 8 months ago
• PspExitThread / SKT64
  Anti-Rootkit & System kernel management tool
  ☆49Updated last week
• OMRI-FRX / LMalz
  硬件虚拟化
  ☆61Updated 5 months ago
• 3499409631 / ReadPhysicalMemory-Without-API
  This project can bypass most of the AC except for some perverts that enable VT to monitor page tables
  ☆55Updated last year
• WQARK / WQARK
  ☆26Updated 6 months ago
• komimoe / llvm2019
  Visual Studio 2019/2022/2026 extension for building C/C++ projects with the LLVM Compiler Toolchain (installed separately).
  ☆27Updated 3 weeks ago
• Oxygen1a1 / HideProcess
  Hide Process
  ☆70Updated last year
• A-Normal-User / Pretend_HideVirtualMemory
  利用物理内存映射，实现虚拟内存的伪隐藏
  ☆86Updated 3 years ago
• zoand / BOOM
  A Memory Read And Write the Hide Driver
  ☆72Updated 5 years ago
• zhutingxf / InfinityHookPro
  InfinityHook 支持Win7 到 Win11 最新版本，虚拟机环境及物理机环境
  ☆102Updated last year
• FiYHer / kdmapper
  驱动加载器 -> 利用iqvw64e.sys映射驱动
  ☆56Updated 5 years ago
• IcEy-999 / Ntoskrnl_Viewer
  可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。
  ☆109Updated 3 years ago
• Jhinxs / ntoskrnl
  收集常用windows版本内核文件
  ☆35Updated 2 years ago
• haidragon / DriverInjectDll
  InjectDll
  ☆62Updated 7 years ago
• cs1ime / sehcall
  Windows X64 mode use seh in manual mapped dll or manual mapped sys
  ☆80Updated 3 years ago
• MapleSwan / PageTableHook
  ☆144Updated 3 years ago
• cs1ime / DICHook
  Hook NtDeviceIoControlFile with PatchGuard
  ☆107Updated 3 years ago
• huoji120 / MakeInfinityHookGreatAgain
  让Etwhook再次伟大! Make InfinityHook Great Again!
  ☆147Updated 4 years ago
• qq1045551070 / ShotHv
  ShotHv
  ☆152Updated 3 years ago