Alternatives and similar repositories for NHook

Users that are interested in NHook are comparing it to the libraries listed below

• ergrelet / themida-spotter-bn
  A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.
  ☆90Updated last year
• snowsnowsnows / ManyTypes
  x64dbg typeparsing plugin with Windows types
  ☆70Updated 5 months ago
• w1redch4d / Artfuscator
  A C compiler targeting an artistically pleasing nightmare for reverse engineers
  ☆100Updated last year
• backengineering / vmp2
  VMProtect2 Deobfuscation Tooling
  ☆84Updated 2 months ago
• 67-6f-64 / AntiOreans-CodeDevirtualizer
  ☆66Updated 2 years ago
• ergrelet / themida-unmutate-bn
  A Binary Ninja plugin to deobfuscate Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.
  ☆38Updated last year
• mibho / x64dbg-vmp-trace
  unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…
  ☆67Updated 2 years ago
• ZehMatt / zyemu
  x86-64 user mode emulation using Zydis
  ☆72Updated 4 months ago
• charlesnathansmith / whatlicense
  WinLicense key extraction via Intel PIN
  ☆107Updated last year
• triskellib / vscode
  LLVM Graph View for VSCode
  ☆39Updated 10 months ago
• Rupan / idapin
  A debugger backend for IDA Pro built on top of of Intel’s PIN framework
  ☆35Updated last year
• AzzOnFire / emuit
  Easy-to-use IDA plugin for code emulation
  ☆53Updated 2 months ago
• can1357 / xstd
  A portable header only library extending the C++20 STL.
  ☆95Updated last year
• keowu / koidbg
  A debugger for Windows ARM64 (AARCH64), user-friendly for reverse engineers, malware analysts, malware developers, game hacking, operatin…
  ☆72Updated 9 months ago
• gmh5225 / titan-1
  Titan is a VMProtect devirtualizer
  ☆61Updated 2 years ago
• lunar-sh / cdl86
  Tiny C x86_64 function detouring library.
  ☆28Updated 3 weeks ago
• binsnake / KUBERA
  A x86_64 software emulator
  ☆162Updated 5 months ago
• KiFilterFiberContext / microsoft-warbird
  Reimplementation of Microsoft's Warbird obuscator
  ☆177Updated last year
• mrexodia / AppInitHook
  Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary pr…
  ☆182Updated 3 years ago
• ergrelet / Scylla
  Fork of Scylla with additional fixes and Python bindings.
  ☆54Updated last year
• h311d1n3r / Arion
  A high-performance C++ framework for emulating executable binaries
  ☆128Updated 2 months ago
• utoni / mingw-w64-dpp
  "Mingw64 Driver Plus Plus": Mingw64, C++, DDK and (EA)STL made easy!
  ☆43Updated 3 months ago
• ElvisBlue / x64dbgpython
  x64dbg plugin for running python3 script. Focus on doing malware analyst and unpacking
  ☆65Updated 11 months ago
• mmert11 / binaryshield-devirtualizer
  llvm powered deobfuscation of a vm-based protection
  ☆46Updated 9 months ago
• pinwhell / TBS
  Cross-Platform Framework for High-Speed Memory Pattern Scanning with Multithreading, SIMD Support, and Alternative STL ETL Integration
  ☆45Updated 3 weeks ago
• stuxnet147 / IDA-Assistant
  IDA plugin to support automatic reverse engineering
  ☆76Updated 11 months ago
• archercreat / vm_jit
  VM devirtualization PoC based on AsmJit and llvm
  ☆123Updated 4 years ago
• jonatan1024 / CpuidSpoofer
  x64dbg plugin for simple spoofing of CPUID instruction behavior
  ☆100Updated 2 years ago
• mrexodia / driver_unpacking
  Ghetto user mode emulation of Windows kernel drivers.
  ☆160Updated last year
• herosi / PyClassInformer
  ☆129Updated 5 months ago