The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only moodifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload…
☆418Dec 27, 2024Updated last year
Alternatives and similar repositories for IRPMon
Users that are interested in IRPMon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- VrtuleTree is a tool that displays information about driver and device objects present in the system and relations between them. Its func…☆61Feb 28, 2021Updated 5 years ago
- WinDBG Anti-RootKit Extension☆642Jul 29, 2020Updated 5 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆439Aug 22, 2018Updated 7 years ago
- Monitor activity of any driver☆356Nov 2, 2020Updated 5 years ago
- Windows Object Explorer 64-bit☆1,937Updated this week
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Incident Response & Digital Forensics Debugging Extension☆398Dec 11, 2018Updated 7 years ago
- Hypervisor based tool for monitoring system register accesses.☆156Sep 13, 2018Updated 7 years ago
- ☆29Jan 15, 2021Updated 5 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK☆545Sep 2, 2022Updated 3 years ago
- kHypervisor is a lightweight bluepill-like nested VMM for Windows, it provides and emulating a basic function of Intel VT-x☆452Nov 29, 2021Updated 4 years ago
- ☆36Oct 29, 2020Updated 5 years ago
- VirtualKD-Redux - A revival and modernization of VirtualKD☆971Jun 23, 2024Updated last year
- Examples of leaking Kernel Mode information from User Mode on Windows☆644Jul 7, 2017Updated 8 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers☆905Jun 18, 2025Updated 11 months ago
- This driver implements the Intel Processor Trace functionality in Intel Skylake architecture for Microsoft Windows☆481Apr 17, 2018Updated 8 years ago
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+☆750Jun 26, 2017Updated 8 years ago
- ☆408Mar 1, 2017Updated 9 years ago
- ☆231Oct 9, 2021Updated 4 years ago
- Shareds for kernel developement☆29Dec 23, 2013Updated 12 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆244Jul 26, 2020Updated 5 years ago
- Monitoring and controlling kernel API calls with stealth hook using EPT☆1,388Jan 22, 2022Updated 4 years ago
- Minimalistic VT-x hypervisor with hooks☆945Oct 18, 2019Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Detecting execution of kernel memory where is not backed by any image file☆262Jul 11, 2018Updated 7 years ago
- Test code only. Not reliable for actual use.☆63Jan 1, 2016Updated 10 years ago
- Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD).☆68Nov 14, 2016Updated 9 years ago
- An Ark tool project,run on Win7 x86/x64☆116Jul 11, 2017Updated 8 years ago
- Universal PatchGuard and Driver Signature Enforcement Disable☆875Mar 29, 2019Updated 7 years ago
- A windbg extension, extracting token related contents☆41Dec 23, 2020Updated 5 years ago
- PatchGuard Research☆305Oct 6, 2018Updated 7 years ago
- Translates WinDbg "dt" structure dump to a C structure☆133Oct 16, 2016Updated 9 years ago
- windows syscall table from xp ~ 10 rs4☆355Jun 8, 2018Updated 8 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.☆1,006Jan 17, 2023Updated 3 years ago
- A sample on how to inject a DLL from a kernel driver☆61Sep 13, 2016Updated 9 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆183Nov 30, 2017Updated 8 years ago
- 常用代码类☆13May 31, 2014Updated 12 years ago
- Windows kernel-mode callbacks tutorial driver☆46Aug 8, 2016Updated 9 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated 3 months ago