Alternatives and similar repositories for phook

Users that are interested in phook are comparing it to the libraries listed below

• deroko / activationcontexthook
  ☆34Updated 7 years ago
• hasherezade / loaderine
  A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
  ☆19Updated 7 years ago
• nccgroup / ICPin
  An Integrity-Check Monitoring Pintool
  ☆58Updated 4 years ago
• OsandaMalith / ApiMon
  A simple API monitor for Windbg
  ☆63Updated 8 years ago
• BreakingMalwareResearch / CFGExceptions
  Adding exceptions to Microsoft's Control Flow Guard (CFG)
  ☆58Updated 9 years ago
• Sentinel-One / SKREAM
  SentinelOne's KeRnel Exploits Advanced Mitigations
  ☆54Updated 6 years ago
• RceNinja / Re-Scripts
  ☆34Updated 3 years ago
• atlantis2013 / Evasion-Tools
  Anti-technique Codes, Detection of Anti-technique codes
  ☆38Updated 11 years ago
• 86hh / POC-viruses
  POC viruses I have created to demo some ideas
  ☆59Updated 5 years ago
• marcusbotacin / Anti.Analysis
  Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis
  ☆45Updated 7 years ago
• maldevel / driver-loader
  Load a Windows Kernel Driver
  ☆92Updated 8 years ago
• Microwave89 / syscalltest
  PoC for Bypassing UM Hooks By Bruteforcing Intel Syscalls
  ☆38Updated 9 years ago
• swwwolf / obderef
  Decrement Windows Kernel for fun and profit
  ☆38Updated 7 years ago
• hasherezade / flareon2019
  Flare-On solutions
  ☆36Updated 5 years ago
• OsandaMalith / PESecInfo
  A simple tool to view important DLL Characteristics and change DEP and ASLR
  ☆44Updated 6 years ago
• deroko / SPPLUAObjectUacBypass
  ☆45Updated 7 years ago
• thalium / idatag
  IDA plugin to explore and browse tags
  ☆56Updated 5 years ago
• hasherezade / tag_converter
  ☆22Updated 4 years ago
• reb311ion / emerald
  Import DynamoRIO drcov code coverage data into Ghidra
  ☆44Updated last year
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆33Updated last year
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• waleedassar / vbDetectVirtualBox
  A VBScript for detecting VirtualBox
  ☆21Updated 9 years ago
• aguinet / miasm-bootloader
  x86 bootloader emulation with Miasm (case of NotPetya)
  ☆43Updated 6 years ago
• saweol / vwaad
  IDA script for vmprotect Windows Api address decoder
  ☆51Updated 4 years ago
• Fare9 / Genaytyk-VM
  My notes about Genyatyk VM crackme
  ☆26Updated 5 years ago
• bluefrostsecurity / Meltdown-KVA-Shadow-Leak
  ☆46Updated 4 years ago
• mgeeky / HEVD_Kernel_Exploit
  Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.
  ☆66Updated 3 years ago
• int0 / ProcessIsolator
  ☆80Updated 7 years ago
• MortenSchenk / tagWnd-Hardening-Bypass
  Bypass for the hardening against usage of tagWnd as a kernel read/write primitive
  ☆29Updated 8 years ago
• aking1012 / dc20
  A slightly stripped down version of RID (an exercise in learning python C-Types...some of it is a little rushed/sloppy) and a stripped do…
  ☆51Updated 12 years ago