The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only moodifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload…
☆414Dec 27, 2024Updated last year
Alternatives and similar repositories for IRPMon
Users that are interested in IRPMon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- VrtuleTree is a tool that displays information about driver and device objects present in the system and relations between them. Its func…☆60Feb 28, 2021Updated 5 years ago
- WinDBG Anti-RootKit Extension☆644Jul 29, 2020Updated 5 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆440Aug 22, 2018Updated 7 years ago
- Monitor activity of any driver☆353Nov 2, 2020Updated 5 years ago
- Windows Object Explorer 64-bit☆1,915Mar 22, 2026Updated last month
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Incident Response & Digital Forensics Debugging Extension☆395Dec 11, 2018Updated 7 years ago
- Hypervisor based tool for monitoring system register accesses.☆157Sep 13, 2018Updated 7 years ago
- ☆29Jan 15, 2021Updated 5 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆79Aug 12, 2015Updated 10 years ago
- KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK☆544Sep 2, 2022Updated 3 years ago
- kHypervisor is a lightweight bluepill-like nested VMM for Windows, it provides and emulating a basic function of Intel VT-x☆449Nov 29, 2021Updated 4 years ago
- VirtualKD-Redux - A revival and modernization of VirtualKD☆965Jun 23, 2024Updated last year
- ☆35Oct 29, 2020Updated 5 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows☆641Jul 7, 2017Updated 8 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers☆899Jun 18, 2025Updated 10 months ago
- This driver implements the Intel Processor Trace functionality in Intel Skylake architecture for Microsoft Windows☆476Apr 17, 2018Updated 8 years ago
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+☆749Jun 26, 2017Updated 8 years ago
- ☆407Mar 1, 2017Updated 9 years ago
- ☆230Oct 9, 2021Updated 4 years ago
- Shareds for kernel developement☆29Dec 23, 2013Updated 12 years ago
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆244Jul 26, 2020Updated 5 years ago
- Monitoring and controlling kernel API calls with stealth hook using EPT☆1,374Jan 22, 2022Updated 4 years ago
- Minimalistic VT-x hypervisor with hooks☆942Oct 18, 2019Updated 6 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Detecting execution of kernel memory where is not backed by any image file☆262Jul 11, 2018Updated 7 years ago
- Test code only. Not reliable for actual use.☆63Jan 1, 2016Updated 10 years ago
- Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD).☆69Nov 14, 2016Updated 9 years ago
- An Ark tool project,run on Win7 x86/x64☆118Jul 11, 2017Updated 8 years ago
- Universal PatchGuard and Driver Signature Enforcement Disable☆870Mar 29, 2019Updated 7 years ago
- A windbg extension, extracting token related contents☆42Dec 23, 2020Updated 5 years ago
- PatchGuard Research☆305Oct 6, 2018Updated 7 years ago
- Translates WinDbg "dt" structure dump to a C structure☆134Oct 16, 2016Updated 9 years ago
- windows syscall table from xp ~ 10 rs4☆356Jun 8, 2018Updated 7 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.☆1,006Jan 17, 2023Updated 3 years ago
- A sample on how to inject a DLL from a kernel driver☆61Sep 13, 2016Updated 9 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆184Nov 30, 2017Updated 8 years ago
- 常用代码类☆13May 31, 2014Updated 11 years ago
- Windows kernel-mode callbacks tutorial driver☆48Aug 8, 2016Updated 9 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated 2 months ago