vovkos / protolesshooks

Related projects: ⓘ

• ykfre / BsodSurvivor
  This project aims to facilitate debugging a kernel driver in windows by adding support for a code change on the fly without reboot/unload…
  ☆167Updated last year
• JustasMasiulis / wow64pp
  A modern c++ implementation of windows heavens gate
  ☆193Updated 4 years ago
• avakar / vcrtl
  C++ Exceptions in Windows Drivers
  ☆195Updated 3 years ago
• mrexodia / AppInitHook
  Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary pr…
  ☆156Updated 2 years ago
• ntdiff / ntdiff
  ☆119Updated 3 weeks ago
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆129Updated 5 years ago
• Synestraa / Highcall-Library
  usermode standalone kernel interface
  ☆110Updated 6 years ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆129Updated 4 years ago
• vmcall / x64-vm
  x86-64 virtual machine and disassembler
  ☆125Updated 4 years ago
• can1357 / linux-pe
  COFF and Portable Executable format described using standard C++ with no dependencies.
  ☆251Updated 5 months ago
• can1357 / HexSuite
  Header only wrapper around Hex-Rays API in C++20.
  ☆147Updated 2 years ago
• ajkhoury / ApiSet
  API Set resolver for Windows
  ☆114Updated last week
• yardenshafir / SymlinkCallback
  A driver that hooks C: volume using symbolic link callback to track all FS access to the volume
  ☆100Updated 4 years ago
• markhc / windbg_to_c
  Translates WinDbg "dt" structure dump to a C structure
  ☆126Updated 7 years ago
• 0vercl0k / kdmp-parser
  A Windows kernel dump C++ parser library with Python 3 bindings.
  ☆193Updated 2 months ago
• 0xcpu / WinAltSyscallHandler
  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
  ☆203Updated 4 years ago
• vmcall / latebros
  x64 usermode rootkit
  ☆199Updated 6 years ago
• Microwave89 / createuserprocess
  Three Tiny Examples of Directly Using Vista's NtCreateUserProcess
  ☆84Updated 8 years ago
• ergrelet / resym
  Cross-platform tool that allows browsing and extracting C and C++ type declarations from PDB files.
  ☆281Updated 3 weeks ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 2 years ago
• ionescu007 / r0ak
  ☆28Updated 5 years ago
• raminfp / basicwindowskernelprogramming
  Basic Windows Kernel Programming
  ☆120Updated 4 years ago
• 0xcpu / ExecutiveCallbackObjects
  Research on Windows Kernel Executive Callback Objects
  ☆277Updated 4 years ago
• harryanon / r0ak
  ☆105Updated 5 years ago
• mike1k / HookHunter
  Analyze patches in a process
  ☆241Updated 3 years ago
• repnz / apc-research
  APC Internals Research Code
  ☆155Updated 4 years ago
• horsicq / pex64dbg
  ☆137Updated this week
• amiryeshurun / HyperWin
  A native hypervisor designed for the Windows operating system
  ☆120Updated 3 years ago
• DownWithUp / ALPC-Example
  An example of a client and server using Windows' ALPC functions to send and receive data.
  ☆88Updated 4 years ago
• polycone / pe-loader
  A Windows PE format file loader
  ☆137Updated 6 years ago