vic4key / py-hooking
Sometimes, you need to manipulate low-level functionality (C APIs, etc) from high-level languages (Python). Eg. Force the low-level calls directly to your own Python override functions. This repo will help you do that.
☆14Updated 10 months ago
Alternatives and similar repositories for py-hooking:
Users that are interested in py-hooking are comparing it to the libraries listed below
- Wow64 Heaven's Gate Hook☆28Updated 3 years ago
- Yet another Windows DLL injector.☆39Updated 3 years ago
- ☆12Updated 3 years ago
- Detour hooking IRQ1 ISR through IDT (Interrupt Descriptor Table)☆19Updated 2 years ago
- Fake Timestamps of Driver Certificates while keeping validity.☆17Updated 3 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆16Updated 3 months ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆15Updated last year
- ☆36Updated last year
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆22Updated 3 years ago
- Anti-Analysis technique, trick the debugger by Hiding events from it.☆19Updated 3 years ago
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data☆28Updated 11 months ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- ☆27Updated 2 years ago
- A Windows API hooking library !☆31Updated 2 years ago
- Code Integrity Violation Spotter☆16Updated 10 months ago
- genpatch is IDA plugin that generates a python script for patching binary☆33Updated last year
- Triton based symbolic emulator☆16Updated 2 years ago
- Currently proof-of-concept☆16Updated 3 years ago
- Easily hook WIN32 x64 functions☆18Updated 2 months ago
- Based on nt5src☆15Updated last year
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows.☆10Updated 2 years ago
- Subtract one PE file from another!☆22Updated 3 years ago
- idax: IDASDK extension libraries☆19Updated 8 months ago
- Load Dll into Kernel space☆38Updated 2 years ago
- devirtualization vmprotect☆62Updated 2 years ago
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆17Updated 3 years ago
- IDA plugin to deobfuscate emotet CFF☆17Updated 3 years ago
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.☆19Updated 6 months ago
- https://www.huorong.cn/☆14Updated last year
- Injects position-dependent code into a code cave in an executable file, and applies relocations.☆22Updated last year