mapozyan / etw_hookLinks
etw hook (syscall/infinity hook) compatible with the latest Windows version of PG
☆22Updated last year
Alternatives and similar repositories for etw_hook
Users that are interested in etw_hook are comparing it to the libraries listed below
Sorting:
- 一个windows内核驱动分析框架,对内核所有导出函数进行挂钩监控☆67Updated last month
- ☆53Updated 3 years ago
- a monitoring windows driver calls kernel api tools☆122Updated last year
- an encryption library designed for Windows kernel and driver programming☆122Updated 2 years ago
- ☆42Updated last year
- ☆48Updated last year
- 远程注入无导入函数dll,自动重定位以后内存加载dll☆47Updated 6 years ago
- 不使用3环挂钩进行DWM桌面绘制☆80Updated 4 years ago
- ☆22Updated 5 months ago
- 驱动加载器 -> 利用iqvw64e.sys映射驱动☆56Updated 5 years ago
- Quick check of NT kernel exported&unexported functions/global variable offset NT内核导出以及未导出函数+全局变量偏移速查☆96Updated 2 years ago
- InfinityHook 支持Win7 到 Win11 最新版本,虚拟机环境及物理机环境☆96Updated last year
- ☆81Updated 3 years ago
- (communication detected)a kernel driver for game cheater. includes read&write memory / key&mouse simulator / kernel DWM render / process …☆100Updated 7 months ago
- 硬件虚拟化☆57Updated 4 months ago
- Visual Studio 2019/2022 extension for building C/C++ projects with the LLVM Compiler Toolchain (installed separately).☆25Updated last year
- 利用物理内存映射,实现虚拟内存的伪隐藏☆85Updated 3 years ago
- EtwHook for win7-win11;☆23Updated 3 years ago
- Anti-Rootkit & System kernel management tool☆46Updated 2 weeks ago
- 收集常用windows版本内核文件☆34Updated 2 years ago
- Reversing EasyAntiCheat.☆32Updated 6 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆109Updated 3 years ago
- ☆69Updated 3 years ago
- Hide Process☆69Updated last year
- A Memory Read And Write the Hide Driver☆72Updated 5 years ago
- 让Etwhook再次伟大! Make InfinityHook Great Again!☆146Updated 4 years ago
- VT Hook☆49Updated last year
- It's a kernel-based keylogger for Windows x86/x64.☆142Updated 3 years ago
- 保护进程☆24Updated 2 years ago
- ShotHv☆148Updated 3 years ago