xsh3llsh0ck/PicoHook external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

xsh3llsh0ck/PicoHook

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xsh3llsh0ck/PicoHook)

Close

xsh3llsh0ck / PicoHookView on GitHubMore

• External links
• Readme badge

Small driver that uses alternative syscalls feature

☆18May 9, 2024Updated last year

Alternatives and similar repositories for PicoHook

Users that are interested in PicoHook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• xsh3llsh0ck / MilkBox

  View on GitHub
  Tool to dump EFI runtime drivers.
  ☆39Feb 23, 2024Updated 2 years ago
• xsh3llsh0ck / Deadwing

  View on GitHub
  SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.
  ☆119Oct 15, 2024Updated last year
• xsh3llsh0ck / ResilienceKit

  View on GitHub
  Another UEFI runtime bootkit
  ☆37May 8, 2023Updated 2 years ago
• jsacco / ntoskrnlwalker

  View on GitHub
  Resolve offsets, gadgets and symbols from NTKernel
  ☆58Jan 15, 2026Updated 2 months ago
• sapdragon / autostr

  View on GitHub
  Multi-Layer Automata-Based Encryption strings
  ☆26Jul 9, 2024Updated last year
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• yo-yo-yo-jbo / hotkeyz

  View on GitHub
  Hotkey-based keylogger for Windows
  ☆33Oct 17, 2024Updated last year
• keowu / wintapix

  View on GitHub
  Reversed WintaPix Malware Source code | That targets countries in the Middle East and abuse KeServiceDescriptorTable(SSDT), persistence a…
  ☆22Jul 6, 2024Updated last year
• VioletGiraffe / UEFI-CPP-headers

  View on GitHub
  Some basic UEFI definitions and symbols exactly as definied by the UEFI spec, in the form of C++ headers to be used for writing C++ UEFI …
  ☆14Sep 11, 2022Updated 3 years ago
• DKingAlpha / SSDT-Index

  View on GitHub
  Ready-to-use headers for Windows Kernel SSDT indices
  ☆11Apr 12, 2020Updated 5 years ago
• jonomango / pe-builder

  View on GitHub
  Header-only C++ library for producing PE files.
  ☆36Jun 17, 2023Updated 2 years ago
• qwqdanchun / Little-CRT

  View on GitHub
  ☆11Sep 30, 2023Updated 2 years ago
• stdhu / windows-kernel-pagehook

  View on GitHub
  windows kernel pagehook
  ☆42Oct 30, 2022Updated 3 years ago
• arsium / BypassGetModuleBaseAddressAndGetExportAddress

  View on GitHub
  A proof of concept of real custom GetProcAddress and GetModuleBaseAddress
  ☆21Jul 9, 2022Updated 3 years ago
• brew02 / BudgetEPT

  View on GitHub
  Create stealthy, inline, EPT-like hooks using SMAP and SMEP
  ☆61Oct 19, 2024Updated last year
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• Peribunt / VPGATHER

  View on GitHub
  Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …
  ☆55Dec 30, 2025Updated 2 months ago
• mannyfred / SentinelBruh

  View on GitHub
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆44Oct 11, 2025Updated 5 months ago
• mdsecactivebreach / RegPwn

  View on GitHub
  ☆137Mar 13, 2026Updated 2 weeks ago
• asamy / NastyAlignment

  View on GitHub
  Simple anti-instrumentation with EFLAGS.AC
  ☆17Mar 31, 2025Updated 11 months ago
• 1401199262 / HookSwapContext

  View on GitHub
  ☆34Apr 11, 2023Updated 2 years ago
• FunnyWhaleDev / AlterLoadDll

  View on GitHub
  Load dll with undocumented functions and debug symbols
  ☆47Jul 20, 2024Updated last year
• daaximus / arch_enum

  View on GitHub
  A small tool for rapid enumeration of CPUID, and MSR fields.
  ☆32Jan 30, 2024Updated 2 years ago
• zareprj / JAV-AV-Engine

  View on GitHub
  An av windows engine with file guard and compress file enumator
  ☆12Aug 25, 2018Updated 7 years ago
• vmroute / HV

  View on GitHub
  ☆18Jan 11, 2026Updated 2 months ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• Narumiii / phantommap

  View on GitHub
  Phantom DLL Hollowing method implemented in modmap
  ☆18Jun 9, 2021Updated 4 years ago
• chaeyk / eac-leak

  View on GitHub
  this application shows EAC sdk's memory leak.
  ☆10Nov 30, 2021Updated 4 years ago
• zer0condition / Demystifying-PatchGuard

  View on GitHub
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆134Mar 16, 2026Updated last week
• ig-labs / defender-mpengine-fuzzing

  View on GitHub
  Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine
  ☆42Jul 29, 2025Updated 8 months ago
• Ddot21 / Keyauth-Imgui-loader

  View on GitHub
  ☆30Feb 19, 2022Updated 4 years ago
• DeviceObject / rk2017

  View on GitHub
  ☆14Jun 27, 2017Updated 8 years ago
• cirosec / warbird-demos

  View on GitHub
  ☆50Nov 7, 2024Updated last year
• D4stiny / ExceptionOrientedProgramming

  View on GitHub
  Abusing exceptions for code execution.
  ☆112Jan 30, 2023Updated 3 years ago
• ThunderJie / Windows-Kernel-Exploit

  View on GitHub
  Exploit for HEVD
  ☆10Sep 11, 2019Updated 6 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• Prorok5247 / JVMDumper-1

  View on GitHub
  Injectable dll to dump classes from the jvm.
  ☆11May 23, 2021Updated 4 years ago
• EBalloon / Remap

  View on GitHub
  ☆49Feb 21, 2022Updated 4 years ago
• ioncodes / dlsym_hook

  View on GitHub
  Instrumenting a binary without source code to bypass anti-debug checks
  ☆38Sep 25, 2021Updated 4 years ago
• V-i-x-x / win11-kernel-execution-syscall-hijack

  View on GitHub
  Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)
  ☆57Jun 15, 2025Updated 9 months ago
• Eastonn / Visible

  View on GitHub
  Dota 2 Cheat
  ☆13Apr 23, 2022Updated 3 years ago
• BlackHat-Ashura / Reflective_DLL_Injection

  View on GitHub
  Program to Inject a DLL into a process from memory.
  ☆13Mar 16, 2024Updated 2 years ago
• backengineering / POC-AntiKernelDebug

  View on GitHub
  POC about how to detect windows kernel debug by pool tag.
  ☆13Nov 29, 2023Updated 2 years ago