Monitors hidden syscalls called from the Call of Duty anti-cheat
☆89 · Jan 13, 2025 · Updated last year
Alternatives and similar repositories for hidden_syscall_monitoring
Users that are interested in hidden_syscall_monitoring are comparing it to the libraries listed below
- Sample/PoC Windows kernel driver for detecting DMA devices by using Vendor ID and Device ID signatures ☆38 · Sep 22, 2024 · Updated last year
- LPC (Local Procedure Call) is a portion of Windows NT kernel, used for fast communication between threads or processes. It can be also us… ☆15 · Mar 21, 2021 · Updated 4 years ago
- The kernel mode Standard Template Library Template ☆19 · Feb 22, 2020 · Updated 6 years ago
- Windows Console Monitor ☆34 · Jun 11, 2019 · Updated 6 years ago
- An anti-cheat project that includes kernel mode. ☆39 · Jul 29, 2021 · Updated 4 years ago
- WinDbg-ext-MCP bridges your favorite LLM client (like Cursor, Claude, or VS Code) with WinDbg, enabling real-time, AI assisted kernel deb… ☆76 · Sep 10, 2025 · Updated 5 months ago
- remem is a C++ library designed for memory manipulation, function calling, and pattern scanning. It supports various calling conventions,… ☆10 · Aug 23, 2024 · Updated last year
- Implementation of a dispatcher for Structured Exceptions inside a Vectored Exception Handler ☆42 · Feb 15, 2020 · Updated 6 years ago
- CMake template for a basic EFI application/bootkit. This library is header-only, there is no EDK2 runtime! ☆80 · Sep 18, 2022 · Updated 3 years ago
- High-level library for executable binary file analysis ☆16 · Feb 13, 2017 · Updated 9 years ago
- Hook system calls, context switches, page faults and more. ☆34 · Jul 25, 2019 · Updated 6 years ago
- Binary rewriter for 64-bit PE files. ☆101 · Feb 5, 2024 · Updated 2 years ago
- InfinityHookProMax: Make InfinityHook great great again ☆52 · Aug 25, 2023 · Updated 2 years ago
- Hooking Windows' exception dispatcher to protect process's PML4 ☆228 · Jan 24, 2025 · Updated last year
- Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB ☆118 · May 29, 2025 · Updated 9 months ago
- Windows RPC: a HelloWorld implemented using MIDL + RPC ☆23 · Mar 21, 2018 · Updated 7 years ago
- An iSCSI demo driver for Windows ☆12 · Sep 21, 2015 · Updated 10 years ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac… ☆272 · Oct 31, 2024 · Updated last year
- A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering ☆43 · Jun 10, 2025 · Updated 8 months ago
- Global DLL injector ☆71 · May 16, 2021 · Updated 4 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL ☆146 · Feb 23, 2019 · Updated 7 years ago
- Proof-of-concept post-build obfuscator for Unity IL2CPP projects ☆38 · Jan 12, 2025 · Updated last year
- C++ implementation of Windows Heaven's Gate ☆70 · Feb 12, 2021 · Updated 5 years ago
- Kernel-mode DLL Injector ☆127 · Apr 24, 2025 · Updated 10 months ago
- An x86-64 Code Virtualizer ☆309 · Sep 26, 2024 · Updated last year
- ☆29 · Mar 9, 2024 · Updated last year
- In-memory hiding technique ☆63 · Jan 5, 2025 · Updated last year
- ☆39 · Oct 29, 2020 · Updated 5 years ago
- Folder Or File Delete to Get System Shell on Current Session Desktop ☆47 · Jan 14, 2025 · Updated last year
- Sleep obfuscation ☆268 · Dec 13, 2024 · Updated last year
- Compile-Time Calls Obfuscator for C++14+ ☆52 · Dec 7, 2023 · Updated 2 years ago
- Bring Your Own Vulnerable Driver for PatchGuard & Driver Signature Enforcement ☆14 · Apr 6, 2024 · Updated last year
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using its dynamic trace feature weakness ☆53 · Sep 12, 2019 · Updated 6 years ago
- Integration of Microsoft Warbird with the MSVC compiler ☆132 · Jul 16, 2023 · Updated 2 years ago
- ☆37 · May 9, 2023 · Updated 2 years ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths ☆360 · Aug 11, 2024 · Updated last year
- Enumerate processes and page directory base addresses from MmPfnData ☆207 · Aug 18, 2023 · Updated 2 years ago
- Detect WFP filters blocking EDR communications ☆96 · Jan 5, 2024 · Updated 2 years ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper… ☆379 · Jun 3, 2023 · Updated 2 years ago