RafWu / RansomWatch
Ransomware detection application for Windows using Windows Minifilter driver
☆79Updated 4 years ago
Alternatives and similar repositories for RansomWatch:
Users that are interested in RansomWatch are comparing it to the libraries listed below
- A minifilter driver preserves all modified and deleted files.☆80Updated 9 years ago
- Use ci.dll API for validating Authenticode signature of files☆137Updated 2 years ago
- This program can retrieve signature information from PE files which signed by one or more certificates on Windows. Supporting multi-signe…☆99Updated 2 years ago
- A ProcMon-esque tool for monitoring Windows Kernel Drivers☆54Updated 3 years ago
- ☆65Updated 6 years ago
- Using C++ STL on Windows kernle development☆88Updated 5 years ago
- Disable any USB Mass Storage device from kmode using a pnp filter driver☆60Updated 4 years ago
- Modern C++ wrapper for Windows PE signature verification mechanism☆28Updated 5 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆90Updated last week
- 基于MiniFilter和Sfilter的加解密☆21Updated 5 years ago
- Protect a file from being deleted using windows kernel file system minifilter driver☆35Updated 3 years ago
- Easy Transparent Encrypted File System Based on Minifilter File System Driver☆34Updated 3 weeks ago
- ☆30Updated 4 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆50Updated 4 years ago
- Windows file system minifilter driver which generates backup copies of certain files before they change☆46Updated 6 years ago
- Record & prevent file deletion in kernel mode☆41Updated 4 years ago
- Automated Integration of anti-Reversing methods in PE executables☆49Updated 6 years ago
- Windows Kernel Driver with C++ runtime☆169Updated 4 years ago
- Force a file delete using a windows kernel driver☆62Updated 2 years ago
- Collect various versions of ntoskrnl files☆49Updated last year
- Windows Kernel Template Library☆108Updated 2 years ago
- Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware☆35Updated 3 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).☆241Updated this week
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆139Updated 5 years ago
- Tutorial & a blog post that demonstrate how to code a Windows driver to inject a custom DLL into all running processes. I coded it from s…☆129Updated 3 years ago
- An Ark tool project,run on Win7 x86/x64☆111Updated 7 years ago
- Anti-Anti-VM solution via Windows Driver☆57Updated 6 years ago
- 基于WFP的小型网络过滤驱动,拦截百度的DNS,感谢公司前辈们的思路与指导。☆14Updated 3 years ago
- WFP驱动,关联链路层和进程信息☆15Updated 3 years ago
- Simple windows API logger☆98Updated 5 years ago