#Hooking
Showing 37 of 37 repositories tagged #hooking, ranked by stars
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
:fire: ByteHook is an Android PLT hook library which supports armeabi-v7a, arm64-v8a, x86 and x86_64.
Hand-crafted Frida examples
A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform
[Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
A tool that helps you work with frida easily for Android platform
Simplifying encrypted traffic analysis for researchers by making protocol decryption effortless.
Debug Child Process Tool (auto attach)
A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions.
(NO LONGER WORKS)
a PE Loader and Windows API tracer. Useful in malware analysis.
Speedhack coded in C++, inspired by Cheat Engine's own speedhack.
Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP
Frida scripts for mobile application dynamic-analysis.
Malware dynamic instrumentation tool based on frida framework
Rust code to show how hooking in rust with a dll works.
A dynamic, Zygisk module for hot-swapping native libraries into Android applications without rebooting.
Advanced dynamic malware analysis tool.
MinHook binding for Go (Golang) with support for Windows API.
EDR & AV Bypass Arsenal— a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.
.NET instrumentation framework
Vutils or Vic Utilities is an utility library written in Modern C++ and for Modern C++. It helps your programming go easier, faster, and simpler.
PoC for detecting and dumping code injection (built and extended on UnRunPE)
Loader Dumps Arcade run Taito Type X | NESICAxLive arcade machines games in your PC
Powerful Kernel Windows Platform for Malware Analysis, SRE, Forensics & Threat Hunting
featured cs:go internal hack, one file and less than 1000 lines.
EasyWinHax is a C++ library designed to provide basic and low abstraction functionallity for windows process hacking and more specifically game hacking.
Reverse engineered Windows 10 Calculator.exe (UWP application) hacker. 한글/漢文을 배운 윈도우 계산기 패치.
Bypasses VMProtect's VMWare & VMWare Tools detection trough user-mode API hooks.
Proof of Concept - Hooking API calls of a Ransomware
A lightweight, self-contained x64 Native API syscall monitor for Windows with a custom inline hook engine and zero external dependencies.
Configurable library & executable to inject Windows dynamic-link libraries (DLLs) into processes
Simple C/C++ library for detour hooking in Linux and Windows
PoC shellcode injector using clean syscalls to bypass user-mode hooks in ntdll.dll
A plugin for x64dbg that allows you to hook the Local Security Authority Subsystem Service process to extract all possible TLS(On handshake, Import, Export or Generate) keys from the operating system using the SeDebugPrivilege escalation to make malware analysis faster and easier.
A universal Frida Script that prevents application self-termination at Java and native layers on Android.