RafWu / RansomWatch
Ransomware detection application for Windows using Windows Minifilter driver
☆84Updated 4 years ago
Alternatives and similar repositories for RansomWatch:
Users that are interested in RansomWatch are comparing it to the libraries listed below
- A ProcMon-esque tool for monitoring Windows Kernel Drivers☆56Updated 3 years ago
- ☆13Updated 4 years ago
- An example of a client and server using Windows' ALPC functions to send and receive data.☆95Updated 2 months ago
- ☆31Updated 4 years ago
- Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware☆36Updated 4 years ago
- Windows file system minifilter driver which generates backup copies of certain files before they change☆47Updated 6 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 4 years ago
- a monitoring windows driver calls kernel api tools☆103Updated 9 months ago
- ☆65Updated 6 years ago
- This program can retrieve signature information from PE files which signed by one or more certificates on Windows. Supporting multi-signe…☆97Updated 2 years ago
- Windows disk filter driver to demonstrate sector write redirection☆40Updated 11 years ago
- Use ci.dll API for validating Authenticode signature of files☆139Updated 3 years ago
- A minifilter driver preserves all modified and deleted files.☆81Updated 9 years ago
- My first kernel-mode process protection driver!☆37Updated 5 years ago
- Using C++ STL on Windows kernle development☆88Updated 6 years ago
- Protect a file from being deleted using windows kernel file system minifilter driver☆38Updated 4 years ago
- Easy Transparent Encrypted File System Based on Minifilter File System Driver☆34Updated 2 months ago
- Collect various versions of ntoskrnl files☆50Updated last year
- A driver to intercept low level windows events☆62Updated 5 years ago
- Protect a process from code injection, termination and hooking☆48Updated 3 years ago
- Tutorial & a blog post that demonstrate how to code a Windows driver to inject a custom DLL into all running processes. I coded it from s…☆134Updated 3 years ago
- ☆23Updated 7 years ago
- Static user/kernel mode library that allows access to all functions and global variables by extracting offsets from the PDB☆85Updated last week
- Record & prevent file deletion in kernel mode☆42Updated 4 years ago
- Simple driver to register all available process, thread, image, Registry, and Object callbacks☆119Updated 7 years ago
- ☆47Updated 2 years ago
- Force a file delete using a windows kernel driver☆65Updated 2 years ago
- The Kernel-Mode Winsock library, supporting TCP, UDP and Unix sockets (DGRAM and STREAM).☆246Updated 2 months ago
- Шаблон полнофункционального драйвера и обёртки над ядерным API☆111Updated 8 years ago
- 基于WFP的小型网络过滤驱动,拦截百度的DNS,感谢公司前辈们的思路与指导。☆14Updated 3 years ago