momo5502/ept-hook-detection external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

momo5502/ept-hook-detection

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/momo5502/ept-hook-detection)

Close

momo5502 / ept-hook-detectionView on GitHubMore

• External links
• Readme badge

🪝 Various EPT hook detection approaches

☆149Feb 22, 2026Updated 3 months ago

Alternatives and similar repositories for ept-hook-detection

Users that are interested in ept-hook-detection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• momo5502 / hypervisor

  View on GitHub
  🧪 Hypervisor with EPT hooking support.
  ☆339May 1, 2026Updated 3 weeks ago
• jonomango / nohv

  View on GitHub
  Kernel driver for detecting Intel VT-x hypervisors.
  ☆202Jul 11, 2023Updated 2 years ago
• 1401199262 / Hook-KdTrap

  View on GitHub
  ☆228Mar 11, 2023Updated 3 years ago
• Air14 / airhv

  View on GitHub
  Simple Intel VT-x hypervisor
  ☆362Dec 10, 2023Updated 2 years ago
• kprprivate / EAC-CR3-BYPASS

  View on GitHub
  A simple UM + KM example of how to bypass EAC CR3
  ☆195Oct 13, 2025Updated 7 months ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• 1401199262 / NMIStackWalk

  View on GitHub
  ☆74Aug 31, 2022Updated 3 years ago
• jonomango / hv

  View on GitHub
  Lightweight Intel VT-x Hypervisor.
  ☆692Dec 17, 2024Updated last year
• waryas / KACE

  View on GitHub
  Emulate Drivers in RING3 with self context mapping or unicorn
  ☆369Aug 18, 2022Updated 3 years ago
• EBalloon / MapPage

  View on GitHub
  Mapping your code on a 0x1000 size page
  ☆71May 20, 2022Updated 4 years ago
• wizardengineer / krakensvm-mg

  View on GitHub
  A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]
  ☆111Aug 3, 2023Updated 2 years ago
• armasm / EasyAntiPatchGuard

  View on GitHub
  Easy Anti PatchGuard
  ☆221Apr 9, 2021Updated 5 years ago
• ekknod / acdrv

  View on GitHub
  base for testing
  ☆189Sep 28, 2024Updated last year
• helloobaby / Nmi-Callback

  View on GitHub
  detect hypervisor with Nmi Callback
  ☆41Sep 25, 2022Updated 3 years ago
• VollRagm / PTView

  View on GitHub
  Browse Page Tables on Windows (Page Table Viewer)
  ☆239Apr 2, 2022Updated 4 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• MapleSwan / enum_real_dirbase

  View on GitHub
  从MmPfnData中枚举进程和页目录基址
  ☆213Aug 18, 2023Updated 2 years ago
• gmh5225 / HideDriverTesting

  View on GitHub
  Only for Stress-Testing
  ☆27Apr 9, 2022Updated 4 years ago
• void-stack / Hypervisor-Detection

  View on GitHub
  Detects virtual machines and malware analysis environments
  ☆151Oct 18, 2022Updated 3 years ago
• kkent030315 / anycall

  View on GitHub
  x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration
  ☆395Jul 6, 2022Updated 3 years ago
• armvirus / CosMapper

  View on GitHub
  Loads a signed kernel driver which allows you to map any driver to kernel mode without any traces of the signed / mapped driver.
  ☆398Aug 8, 2021Updated 4 years ago
• KiFilterFiberContext / VMP3-Disasm

  View on GitHub
  Experimental disassembler for x86 binaries virtualized by VMProtect 3
  ☆96Aug 27, 2022Updated 3 years ago
• sariaki / amd-hypervisor

  View on GitHub
  a minimalistic windows hypervisor for amd processors
  ☆150Jun 30, 2022Updated 3 years ago
• ch4ncellor / EAC-Reversal

  View on GitHub
  09/2021 reversal of EasyAntiCheat driver
  ☆243Dec 21, 2021Updated 4 years ago
• helloobaby / HyperTool

  View on GitHub
  Intel learning hypervisor and some extend function
  ☆21Aug 23, 2025Updated 9 months ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• DErDYAST1R / NmiCallbackBlocker

  View on GitHub
  Kernel Level NMI Callback Blocker
  ☆176Apr 23, 2026Updated last month
• charliewolfe / Stealthy-Kernelmode-Injector

  View on GitHub
  Manual mapper that uses PTE manipulation, Virtual Address Descriptor (VAD) manipulation, and forceful memory allocation to hide executabl…
  ☆402Jan 29, 2022Updated 4 years ago
• POPFD / HypervisorBase

  View on GitHub
  A library for intel VT-x hypervisor functionality supporting EPT shadowing.
  ☆52Mar 11, 2021Updated 5 years ago
• misslng / boundcallback

  View on GitHub
  ☆35Oct 10, 2023Updated 2 years ago
• SDXT / MMInject

  View on GitHub
  Kernel DLL Injector using NX Bit Swapping and VAD hide for hiding injected DLL
  ☆221Nov 12, 2020Updated 5 years ago
• pTerrance / alpc-km-um

  View on GitHub
  POC usermode <=> kernel communication via ALPC.
  ☆74Jun 6, 2024Updated last year
• donnaskiez / ac

  View on GitHub
  kernel mode anti cheat
  ☆661Aug 4, 2024Updated last year
• kmlgping / ShotHv

  View on GitHub
  ShotHv
  ☆154Mar 8, 2022Updated 4 years ago
• KANKOSHEV / Detect-KeAttachProcess

  View on GitHub
  Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread.
  ☆119Feb 8, 2022Updated 4 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• FiYHer / InfinityHookPro

  View on GitHub
  InfinityHookPro Win7 -> Win11 latest
  ☆553Feb 7, 2023Updated 3 years ago
• xu-Wan / HypercallPageHook

  View on GitHub
  POC Hook of nt!HvcallCodeVa
  ☆55May 8, 2023Updated 3 years ago
• Oxygen1a1 / InfinityHook_latest

  View on GitHub
  etw hook (syscall/infinity hook) compatible with the latest Windows version of PG
  ☆338Apr 26, 2026Updated 3 weeks ago
• kkent030315 / CiGetCertPublisherName

  View on GitHub
  An example code of CiGetCertPublisherName
  ☆16Mar 24, 2022Updated 4 years ago
• vasie1337 / kernel-anticheat

  View on GitHub
  Windows kernel anti-cheat for driver integrity testing and security research
  ☆187Jun 16, 2025Updated 11 months ago
• Zero-Tang / NoirVisor

  View on GitHub
  The Grimoire Hypervisor solution for x86 Processors with experimental nested virtualization support. Remastering with Rust in progress.
  ☆631May 9, 2026Updated 2 weeks ago
• zxd1994 / vt-debuuger

  View on GitHub
  a debugger use vt technology
  ☆358Jun 30, 2022Updated 3 years ago