PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook
☆13 · May 30, 2024 · Updated last year
Alternatives and similar repositories for createprocessnotify-hook
Users that are interested in createprocessnotify-hook are comparing it to the libraries listed below
- Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process ☆19 · Jul 8, 2022 · Updated 3 years ago
- Ready-to-use headers for Windows Kernel SSDT indices ☆11 · Apr 12, 2020 · Updated 5 years ago
- ntos internals ☆23 · Dec 28, 2019 · Updated 6 years ago
- Demo to show how to write ALPC Client & Server using native Ntdll.dll syscalls. ☆21 · Jan 25, 2022 · Updated 4 years ago
- Lightweight, dependency-free x86-64 CPU emulation library with Unicorn-like guest mode and direct host-memory execution. ☆69 · Updated this week
- A poc that abuses Enclave ☆40 · Sep 8, 2022 · Updated 3 years ago
- Rootkit and anti-rootkit on Windows platform ☆14 · Apr 30, 2024 · Updated last year
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support) ☆14 · Aug 11, 2023 · Updated 2 years ago
- Static Library For Windows Drivers ☆41 · Dec 13, 2025 · Updated 3 months ago
- Class for scanning and restoring r3hook ☆10 · Aug 29, 2021 · Updated 4 years ago
- ☆14 · Nov 29, 2021 · Updated 4 years ago
- Demonstrate the behavior of the tunnel cache on Windows ☆11 · Aug 13, 2019 · Updated 6 years ago
- Ransomware detection application for Windows using Windows Minifilter driver ☆94 · Jun 6, 2020 · Updated 5 years ago
- XTEA3 encryption library in C++ ☆14 · Jul 6, 2019 · Updated 6 years ago
- An example code of CiGetCertPublisherName ☆16 · Mar 24, 2022 · Updated 3 years ago
- Code Integrity Violation Spotter ☆17 · Jun 11, 2024 · Updated last year
- A step-by-step walkthrough of how to write a Client and a Driver to communicate with each other and boost the priority of a thread. ☆17 · Dec 12, 2023 · Updated 2 years ago
- ☆15 · Dec 26, 2017 · Updated 8 years ago
- 🧶 The Win32 usermode threading library with UMS/fibers/threads support ☆30 · Jul 1, 2019 · Updated 6 years ago
- ☆18 · Aug 15, 2025 · Updated 7 months ago
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i… ☆36 · Jan 15, 2022 · Updated 4 years ago
- MIR-Engine ☆23 · Jul 6, 2017 · Updated 8 years ago
- A research project about Windows notify routines. ☆38 · Jul 31, 2020 · Updated 5 years ago
- Hiding a system thread against conventional means of detection ☆42 · Oct 7, 2020 · Updated 5 years ago
- A Practical example of ELAM (Early Launch Anti-Malware) ☆36 · Nov 12, 2021 · Updated 4 years ago
- Protect a process from code injection, termination and hooking ☆49 · Jul 16, 2021 · Updated 4 years ago
- ☆14 · May 10, 2021 · Updated 4 years ago
- MLRan: A Ransomware Behavioural Dataset for Machine Learning ☆46 · Jun 17, 2025 · Updated 9 months ago
- Traceless injection 1 ☆77 · Jun 1, 2021 · Updated 4 years ago
- windows inlinehook R3 R0 ☆11 · Apr 11, 2018 · Updated 7 years ago
- A tool used to infect a PE file with shellcode; the shellcode is packed at compile time and unpacked at runtime ☆13 · Jul 16, 2020 · Updated 5 years ago
- File system minifilter driver for Windows to block symbolic link attacks. ☆51 · Dec 16, 2020 · Updated 5 years ago
- Not mine. Only for saving ☆26 · Jun 28, 2022 · Updated 3 years ago
- This project has been moved from a private repository. ☆11 · May 4, 2018 · Updated 7 years ago
- ☆18 · Oct 12, 2014 · Updated 11 years ago
- Illustrates the concept of return address spoofing, and how it is used. ☆14 · May 13, 2020 · Updated 5 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread. ☆121 · Feb 8, 2022 · Updated 4 years ago
- Registers Vectored Exception Handlers by directly manipulating internal LdrpVectorHandlerList structure instead of calling RtlAddVectored… ☆35 · Jan 18, 2026 · Updated 2 months ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial ☆16 · Jun 22, 2019 · Updated 6 years ago