The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only moodifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload…
☆412Dec 27, 2024Updated last year
Alternatives and similar repositories for IRPMon
Users that are interested in IRPMon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- VrtuleTree is a tool that displays information about driver and device objects present in the system and relations between them. Its func…☆60Feb 28, 2021Updated 5 years ago
- WinDBG Anti-RootKit Extension☆645Jul 29, 2020Updated 5 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆437Aug 22, 2018Updated 7 years ago
- Monitor activity of any driver☆352Nov 2, 2020Updated 5 years ago
- Windows Object Explorer 64-bit☆1,900Updated this week
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Incident Response & Digital Forensics Debugging Extension☆393Dec 11, 2018Updated 7 years ago
- Hypervisor based tool for monitoring system register accesses.☆155Sep 13, 2018Updated 7 years ago
- ☆29Jan 15, 2021Updated 5 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆79Aug 12, 2015Updated 10 years ago
- KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK☆542Sep 2, 2022Updated 3 years ago
- kHypervisor is a lightweight bluepill-like nested VMM for Windows, it provides and emulating a basic function of Intel VT-x☆447Nov 29, 2021Updated 4 years ago
- VirtualKD-Redux - A revival and modernization of VirtualKD☆960Jun 23, 2024Updated last year
- ☆36Oct 29, 2020Updated 5 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows☆635Jul 7, 2017Updated 8 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers☆893Jun 18, 2025Updated 9 months ago
- This driver implements the Intel Processor Trace functionality in Intel Skylake architecture for Microsoft Windows☆466Apr 17, 2018Updated 7 years ago
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+☆747Jun 26, 2017Updated 8 years ago
- ☆408Mar 1, 2017Updated 9 years ago
- ☆228Oct 9, 2021Updated 4 years ago
- Shareds for kernel developement☆29Dec 23, 2013Updated 12 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆233Jul 26, 2020Updated 5 years ago
- Monitoring and controlling kernel API calls with stealth hook using EPT☆1,363Jan 22, 2022Updated 4 years ago
- Minimalistic VT-x hypervisor with hooks☆935Oct 18, 2019Updated 6 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Detecting execution of kernel memory where is not backed by any image file☆262Jul 11, 2018Updated 7 years ago
- Test code only. Not reliable for actual use.☆63Jan 1, 2016Updated 10 years ago
- Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD).☆69Nov 14, 2016Updated 9 years ago
- An Ark tool project,run on Win7 x86/x64☆118Jul 11, 2017Updated 8 years ago
- Universal PatchGuard and Driver Signature Enforcement Disable☆865Mar 29, 2019Updated 6 years ago
- A windbg extension, extracting token related contents☆41Dec 23, 2020Updated 5 years ago
- PatchGuard Research☆305Oct 6, 2018Updated 7 years ago
- Translates WinDbg "dt" structure dump to a C structure☆133Oct 16, 2016Updated 9 years ago
- windows syscall table from xp ~ 10 rs4☆355Jun 8, 2018Updated 7 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.☆1,001Jan 17, 2023Updated 3 years ago
- A sample on how to inject a DLL from a kernel driver☆61Sep 13, 2016Updated 9 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆182Nov 30, 2017Updated 8 years ago
- 常用代码类☆13May 31, 2014Updated 11 years ago
- Windows kernel-mode callbacks tutorial driver☆48Aug 8, 2016Updated 9 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated last month