Alternatives and similar repositories for protolesshooks:

Users that are interested in protolesshooks are comparing it to the libraries listed below

• ykfre / BsodSurvivor
  This project aims to facilitate debugging a kernel driver in windows by adding support for a code change on the fly without reboot/unload…
  ☆172Updated 2 years ago
• avakar / vcrtl
  C++ Exceptions in Windows Drivers
  ☆208Updated 4 years ago
• ntdiff / ntdiff
  ☆126Updated 7 months ago
• JustasMasiulis / wow64pp
  A modern c++ implementation of windows heavens gate
  ☆220Updated 4 years ago
• Synestraa / Highcall-Library
  usermode standalone kernel interface
  ☆110Updated 6 years ago
• 0xcpu / WinAltSyscallHandler
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆217Updated 5 years ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆95Updated 3 years ago
• DownWithUp / ALPC-Example
  An example of a client and server using Windows' ALPC functions to send and receive data.
  ☆96Updated 3 months ago
• mrexodia / AppInitHook
  Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary pr…
  ☆170Updated 3 years ago
• markhc / windbg_to_c
  Translates WinDbg "dt" structure dump to a C structure
  ☆128Updated 8 years ago
• can1357 / HexSuite
  Header only wrapper around Hex-Rays API in C++20.
  ☆158Updated 4 months ago
• ionescu007 / r0ak
  ☆30Updated 6 years ago
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆140Updated 6 years ago
• 0xcpu / ExecutiveCallbackObjects
  Research on Windows Kernel Executive Callback Objects
  ☆286Updated 5 years ago
• repnz / apc-research
  APC Internals Research Code
  ☆166Updated 4 years ago
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆87Updated 9 years ago
• vmcall / latebros
  x64 usermode rootkit
  ☆204Updated 7 years ago
• can1357 / linux-pe
  COFF and Portable Executable format described using standard C++ with no dependencies.
  ☆279Updated 2 weeks ago
• mike1k / pepp
  C++ library for parsing and manipulating PE files statically and dynamically.
  ☆86Updated last year
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆142Updated 4 years ago
• secrary / Hooking-via-InstrumentationCallback
  codes for my blog post: https://secrary.com/Random/InstrumentationCallback/
  ☆175Updated 7 years ago
• Fyyre / kerneldetective
  Kernel Detective
  ☆144Updated 2 years ago
• harryanon / r0ak
  ☆106Updated 6 years ago
• Fyyre / ntdll
  ntdll.h - compatible with MSVC 6.0, Intel C++ Compiler and MinGW. Serves as a complete replacement for Windows.h
  ☆137Updated 5 years ago
• ajkhoury / ApiSet
  API Set resolver for Windows
  ☆131Updated 7 months ago
• amiryeshurun / HyperWin
  A native hypervisor designed for the Windows operating system
  ☆123Updated 4 years ago
• ioncodes / vacation3-emu
  VAC3 (Valve Anti-Cheat 3) module emulator
  ☆98Updated 4 years ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆205Updated 2 years ago
• 0vercl0k / kdmp-parser
  A Windows kernel dump C++ parser library with Python 3 bindings.
  ☆200Updated 9 months ago
• yardenshafir / SymlinkCallback
  A driver that hooks C: volume using symbolic link callback to track all FS access to the volume
  ☆108Updated 5 years ago