Alternatives and similar repositories for api-monitor32

Users that are interested in api-monitor32 are comparing it to the libraries listed below

• zodiacon / WinEventHooks
  SetWinEventHook Sample
  ☆47Updated last year
• hMihaiDavid / addscn
  Add an empty section to a PE file
  ☆51Updated 7 years ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆39Updated 3 years ago
• bytewreck / hook-buster
  A compact tool for detecting AV/EDR hooks in default Windows libraries.
  ☆31Updated 3 years ago
• 0xMegaByte / COM-Explained
  ☆25Updated 2 years ago
• m417z / LdrDllNotificationHook
  Hook all callbacks which are registered with LdrRegisterDllNotification
  ☆87Updated last month
• PorLaCola25 / ProcessDoppelganging
  Process doppelganging POC using direct system calls, PPID spoofing and dropbox as an external delivery channel for the payload.
  ☆14Updated 4 years ago
• ntoskrnl7 / ldk
  Load Dll into Kernel space
  ☆38Updated 2 years ago
• MahmoudZohdy / IAT-Obfuscation
  IAT-Obfuscation to make static analysis of executable harder.
  ☆42Updated 3 years ago
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆57Updated 4 years ago
• UmaRex01 / HookSentry
  Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.
  ☆28Updated 3 weeks ago
• ch3rn0byl / WinDbg-Extensions
  ☆18Updated 4 years ago
• ph4s3tw0 / GetProcAddressCaseStudies
  Six cases demonstrating methods of optimizing GetProcAddress
  ☆17Updated 3 years ago
• uvbs / NT-APC-Injector
  APC DLL Injector with NtQueueApcThread and wake up thread support
  ☆44Updated 7 years ago
• OxNinja / C-VM
  My try to implement a virtual CPU in C
  ☆19Updated last year
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆48Updated 2 months ago
• jnastarot / cleancall
  Library for using direct system calls
  ☆35Updated 3 months ago
• SweetIceLolly / Prevent_File_Deletion
  Record & prevent file deletion in kernel mode
  ☆43Updated 4 years ago
• ytk2128 / pe32-password
  A simple password-based PE encryptor for Windows 32-bit executables.
  ☆52Updated 4 months ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• waleedassar / ALPC_CLIENT_SERVER
  Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.
  ☆21Updated 3 years ago
• AzAgarampur / byeintegrity3-uac
  Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler
  ☆28Updated 3 years ago
• alfarom256 / PebLdr
  ☆15Updated 4 years ago
• yardenshafir / CallbackObjectAnalyzer
  Dumps information about all the callback objects found in a dump file and the functions registered for them
  ☆36Updated 4 years ago
• pr0tean / TelemetrySourcerer-patched
  Tiny driver patch to allow kernel callbacks to work on Win10 21h1
  ☆34Updated 3 years ago
• Flawww / ObfuscatedJumpGenerator
  Dynamically generated obfuscated jumps and/or function calls
  ☆35Updated 2 years ago
• zhuhuibeishadiao / exploit-RemoteDesktopServerDriver
  exploit termdd.sys(support kb4499175)
  ☆59Updated 5 years ago
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆32Updated 4 years ago
• iammaguire / Salient-Rootkit
  A kernel mode Windows rootkit in development.
  ☆48Updated 3 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago