ytk2128 / api-monitor32
A simple tool for detecting memory modifications to Windows API.
☆22 Updated last week
Alternatives and similar repositories for api-monitor32:
Users that are interested in api-monitor32 are comparing it to the libraries listed below
- ☆15 Updated 4 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support ☆45 Updated 7 years ago
- ☆27 Updated 2 years ago
- Yet another Windows DLL injector. ☆38 Updated 3 years ago
- Clone running process with ZwCreateProcess ☆58 Updated 4 years ago
- Six cases demonstrating methods of optimizing GetProcAddress ☆17 Updated 3 years ago
- ☆105 Updated 2 years ago
- Enable / Disable LSA Protection via BYOVD ☆65 Updated 3 years ago
- A compact tool for detecting AV/EDR hooks in default Windows libraries. ☆30 Updated 2 years ago
- ☆33 Updated 3 years ago
- ☆18 Updated 3 years ago
- Demo to show how to write ALPC Client & Server using native Ntdll.dll syscalls. ☆21 Updated 2 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler ☆27 Updated 3 years ago
- A PoC tool for exploiting leaked process and thread handles ☆30 Updated 11 months ago
- My try to implement a virtual CPU in C ☆19 Updated last year
- Hook all callbacks which are registered with LdrRegisterDllNotification ☆84 Updated last year
- Add an empty section to a PE file ☆52 Updated 7 years ago
- A kernel mode Windows rootkit in development. ☆49 Updated 3 years ago
- WinDbg cheat sheet ☆12 Updated last year
- Call 32bit NtDLL API directly from WoW64 Layer ☆60 Updated 4 years ago
- A ready-made template for a project based on libpeconv. ☆43 Updated 2 months ago
- Library for using direct system calls ☆35 Updated 4 years ago
- Manually perform syscalls without going through any external API or DLL. ☆17 Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI ☆52 Updated 2 years ago
- Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE) ☆20 Updated 4 years ago