RafWu / RansomWatchLinks
Ransomware detection application for Windows using Windows Minifilter driver
☆88Updated 5 years ago
Alternatives and similar repositories for RansomWatch
Users that are interested in RansomWatch are comparing it to the libraries listed below
Sorting:
- This program can retrieve signature information from PE files which signed by one or more certificates on Windows. Supporting multi-signe…☆101Updated 2 years ago
- Protect a file from being deleted using windows kernel file system minifilter driver☆39Updated 4 years ago
- ☆68Updated 6 years ago
- Use ci.dll API for validating Authenticode signature of files☆156Updated 3 years ago
- Disable any USB Mass Storage device from kmode using a pnp filter driver☆62Updated 4 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆101Updated 7 months ago
- Record & prevent file deletion in kernel mode☆44Updated 5 years ago
- A ProcMon-esque tool for monitoring Windows Kernel Drivers☆58Updated 4 years ago
- Force a file delete using a windows kernel driver☆67Updated 3 years ago
- My first kernel-mode process protection driver!☆37Updated 5 years ago
- ☆13Updated 5 years ago
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.☆153Updated 2 years ago
- Collect various versions of ntoskrnl files☆55Updated last year
- Simple driver to register all available process, thread, image, Registry, and Object callbacks☆123Updated 7 years ago
- C++ library for low-level Windows development☆79Updated last year
- Modern C++ wrapper for Windows PE signature verification mechanism☆29Updated 6 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆52Updated 4 years ago
- A minifilter driver preserves all modified and deleted files.☆80Updated 10 years ago
- Tutorial & a blog post that demonstrate how to code a Windows driver to inject a custom DLL into all running processes. I coded it from s…☆137Updated 4 years ago
- Example Windows Kernel-mode Driver which enumerates running processes.☆57Updated 3 years ago
- A driver to intercept low level windows events☆63Updated 5 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).☆253Updated 7 months ago
- WFP驱动,关联链路层和进程信息☆16Updated 3 years ago
- Authenticode Hash Calculator for PE32/PE32+ files☆114Updated 2 months ago
- Protect a process from code injection, termination and hooking☆49Updated 4 years ago
- ☆40Updated 6 years ago
- A mini filter driver development framework allows you to develop minit filter driver with different features.☆60Updated 4 months ago
- Windows Monitoring Agent (process creation + DLL loading monitor + network monitor + file system access monitor + etc)☆63Updated 6 years ago
- ☆18Updated 6 years ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK☆12Updated 5 years ago