Alternatives and similar repositories for etw_hook

Users that are interested in etw_hook are comparing it to the libraries listed below

• smallzhong / kernel_monitor
  一个windows内核驱动分析框架，对内核所有导出函数进行挂钩监控
  ☆69Updated 2 months ago
• Oxygen1a1 / kcrypt
  an encryption library designed for Windows kernel and driver programming
  ☆124Updated 2 years ago
• Oxygen1a1 / DrvMon
  a monitoring windows driver calls kernel api tools
  ☆126Updated last year
• DearXiaoGui / InfinityHookPro-main
  ☆56Updated 3 years ago
• 2367765883 / hidedriver-normal
  ☆45Updated last year
• WQARK / WQARK
  ☆26Updated 6 months ago
• DragonQuestHero / DwmDraw
  不使用3环挂钩进行DWM桌面绘制
  ☆82Updated 4 years ago
• gn277 / ExceptionByInstCallback
  ☆51Updated last year
• zhutingxf / InfinityHookPro
  InfinityHook 支持Win7 到 Win11 最新版本，虚拟机环境及物理机环境
  ☆104Updated last year
• Kerrbty / RemoteLoadDll
  远程注入无导入函数dll，自动重定位以后内存加载dll
  ☆49Updated 6 years ago
• DragonQuestHero / WindowsSyscallsEx
  Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查
  ☆98Updated 2 years ago
• OMRI-FRX / LMalz
  硬件虚拟化
  ☆62Updated 5 months ago
• Jhinxs / ntoskrnl
  收集常用windows版本内核文件
  ☆35Updated 2 years ago
• Oxygen1a1 / InfinityHookClass
  EtwHook for win7-win11;
  ☆23Updated 3 years ago
• MapleSwan / PageTableHook
  ☆144Updated 3 years ago
• LYingSiMon / InfinityHookProEx
  This is an extension to InfinityHookPro to support physical machine environments. (Win7 -> Win11 latest)
  ☆34Updated 3 years ago
• IcEy-999 / Ntoskrnl_Viewer
  可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。
  ☆109Updated 3 years ago
• PspExitThread / SKT64
  Anti-Rootkit & System kernel management tool
  ☆50Updated 2 weeks ago
• FiYHer / kdmapper
  驱动加载器 -> 利用iqvw64e.sys映射驱动
  ☆56Updated 5 years ago
• Oxygen1a1 / HideProcess
  Hide Process
  ☆71Updated last year
• komimoe / llvm2019
  Visual Studio 2019/2022/2026 extension for building C/C++ projects with the LLVM Compiler Toolchain (installed separately).
  ☆27Updated last month
• A-Normal-User / Pretend_HideVirtualMemory
  利用物理内存映射，实现虚拟内存的伪隐藏
  ☆86Updated 3 years ago
• qq1045551070 / VtToMe
  之前学习X64VT写的代码，很多坑，但是大体的逻辑还是完整的。现发出来给更多想学VT的人参考...
  ☆71Updated 4 years ago
• si1kyyy / Read-Write-Driver-2.0
  （communication detected）a kernel driver for game cheater. includes read&write memory / key&mouse simulator / kernel DWM render / process …
  ☆112Updated 9 months ago
• HARM4Y / Karlann
  It's a kernel-based keylogger for Windows x86/x64.
  ☆143Updated 3 years ago
• huoji120 / EACReversing
  Reversing EasyAntiCheat.
  ☆32Updated 6 years ago
• huoji120 / MakeInfinityHookGreatAgain
  让Etwhook再次伟大! Make InfinityHook Great Again!
  ☆147Updated 4 years ago
• haidragon / DriverInjectDll
  InjectDll
  ☆62Updated 7 years ago
• cs1ime / DICHook
  Hook NtDeviceIoControlFile with PatchGuard
  ☆107Updated 3 years ago
• skrandy / ProtectYourProcess
  保护进程
  ☆24Updated 2 years ago