PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook
☆12 · May 30, 2024 · Updated last year
Alternatives and similar repositories for createprocessnotify-hook
Users that are interested in createprocessnotify-hook are comparing it to the libraries listed below
- Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process ☆19 · Jul 8, 2022 · Updated 3 years ago
- Ready-to-use headers for Windows Kernel SSDT indices ☆11 · Apr 12, 2020 · Updated 5 years ago
- Demo showing how to write an ALPC client and server using native Ntdll.dll syscalls. ☆21 · Jan 25, 2022 · Updated 4 years ago
- ntos internals ☆23 · Dec 28, 2019 · Updated 6 years ago
- A PoC that abuses Enclave ☆40 · Sep 8, 2022 · Updated 3 years ago
- Static Library For Windows Drivers ☆41 · Dec 13, 2025 · Updated 2 months ago
- A class for scanning and restoring r3 hooks ☆10 · Aug 29, 2021 · Updated 4 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support) ☆14 · Aug 11, 2023 · Updated 2 years ago
- XTEA3 encryption library in C++ ☆14 · Jul 6, 2019 · Updated 6 years ago
- ☆14 · Nov 29, 2021 · Updated 4 years ago
- This project has been moved from a private repository. ☆11 · May 4, 2018 · Updated 7 years ago
- Rootkit and anti-rootkit on Windows platform ☆14 · Apr 30, 2024 · Updated last year
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i… ☆36 · Jan 15, 2022 · Updated 4 years ago
- Ransomware detection application for Windows using Windows Minifilter driver ☆93 · Jun 6, 2020 · Updated 5 years ago
- ☆15 · Dec 26, 2017 · Updated 8 years ago
- An example code of CiGetCertPublisherName ☆17 · Mar 24, 2022 · Updated 3 years ago
- Code Integrity Violation Spotter ☆17 · Jun 11, 2024 · Updated last year
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post ☆80 · Sep 2, 2024 · Updated last year
- simply manual map any system image ☆18 · Feb 1, 2021 · Updated 5 years ago
- Wrapper for hidden IO communication ☆17 · May 31, 2021 · Updated 4 years ago
- A research project about Windows notify routines. ☆38 · Jul 31, 2020 · Updated 5 years ago
- first commit ☆64 · Oct 29, 2020 · Updated 5 years ago
- Illustrates the concept of return address spoofing, and how it is used. ☆14 · May 13, 2020 · Updated 5 years ago
- Manually perform syscalls without going through any external API or DLL. ☆19 · Apr 19, 2023 · Updated 2 years ago
- ☆14 · Dec 3, 2022 · Updated 3 years ago
- A working version of this tutorial: https://docs.microsoft.com/en-us/windows/desktop/rpc/tutorial ☆16 · Jun 22, 2019 · Updated 6 years ago
- A DNS server used to hijack other DNS requests on a Wi-Fi network and redirect them to your custom HTTP server. ☆20 · Jun 25, 2015 · Updated 10 years ago
- ☆18 · Oct 12, 2014 · Updated 11 years ago
- Detect-KeAttachProcess by iterating through all processes as well as checking the context of the thread. ☆121 · Feb 8, 2022 · Updated 4 years ago
- Traceless injection 1 ☆77 · Jun 1, 2021 · Updated 4 years ago
- Hiding a system thread against conventional means of detection ☆42 · Oct 7, 2020 · Updated 5 years ago
- User-mode part of Zerokit platform ☆22 · Mar 30, 2019 · Updated 6 years ago
- ☆17 · Oct 24, 2016 · Updated 9 years ago
- Protect a process from code injection, termination and hooking ☆48 · Jul 16, 2021 · Updated 4 years ago
- This project will give you an example of how you can hook a kernel vtable function that cannot be directly called ☆84 · Dec 25, 2021 · Updated 4 years ago
- Yet-Another-Spy ☆19 · Apr 21, 2017 · Updated 8 years ago
- ☆21 · Dec 15, 2023 · Updated 2 years ago
- Deduces the algorithm by working backwards from a reference string and the result. ☆21 · May 30, 2023 · Updated 2 years ago
- libcodecs is part of the "Huorong eXtendible Stream Scan Engine" project copyright by Huorong Borui (Beijing) Technology Co., Ltd. ☆24 · Aug 17, 2015 · Updated 10 years ago