zer0m0n driver for cuckoo sandbox
☆368May 19, 2015Updated 10 years ago
Alternatives and similar repositories for zer0m0n
Users that are interested in zer0m0n are comparing it to the libraries listed below
Sorting:
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- zer0m0n driver for cuckoo sandbox☆87Jul 12, 2016Updated 9 years ago
- windows kernel File redirection☆20Sep 21, 2014Updated 11 years ago
- A kernel level anti-rootkit tool which runs on the windows platform.☆92Apr 18, 2014Updated 11 years ago
- wow64 syscall filter☆13Nov 12, 2014Updated 11 years ago
- PatchGuard Research☆304Oct 6, 2018Updated 7 years ago
- WinDBG Anti-RootKit Extension☆645Jul 29, 2020Updated 5 years ago
- pcmonitor - windows kernel driver to monitor users activity(such as keyboard input, screenshot) and send encrypted reports to mobile appl…☆118Feb 5, 2014Updated 12 years ago
- A sample on how to inject a DLL from a kernel driver☆61Sep 13, 2016Updated 9 years ago
- Windows Kernel Driver - Create a driver device in TDI layer of windows kernel to capture network data packets☆36Jul 21, 2014Updated 11 years ago
- Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD).☆69Nov 14, 2016Updated 9 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/☆183Nov 30, 2017Updated 8 years ago
- A Windows driver used to facilitate DLL injection☆27Oct 29, 2017Updated 8 years ago
- The dll that can hide itself and then delete itselft.☆32Mar 31, 2013Updated 12 years ago
- The new Cuckoo Monitor.☆352Jun 28, 2024Updated last year
- ☆36Oct 29, 2020Updated 5 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Mar 15, 2015Updated 10 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu☆17Dec 6, 2015Updated 10 years ago
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC☆1,270May 1, 2024Updated last year
- A minifilter driver preserves all modified and deleted files.☆79Jul 17, 2015Updated 10 years ago
- Hypervisor based tool for monitoring system register accesses.☆154Sep 13, 2018Updated 7 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆146Feb 23, 2019Updated 7 years ago
- An Ark tool project,run on Win7 x86/x64☆118Jul 11, 2017Updated 8 years ago
- Detecting execution of kernel memory where is not backed by any image file☆261Jul 11, 2018Updated 7 years ago
- Monitoring and controlling kernel API calls with stealth hook using EPT☆1,358Jan 22, 2022Updated 4 years ago
- Security Research and Development Framework☆104Sep 22, 2015Updated 10 years ago
- hypervisor in windows device driver by intel vt☆14Aug 25, 2018Updated 7 years ago
- Remote execution tool☆14Jan 14, 2014Updated 12 years ago
- ☆14Jan 10, 2017Updated 9 years ago
- ☆48Jun 19, 2017Updated 8 years ago
- Шаблон полнофункционального драйвера и обёртки над ядерным API☆114Aug 28, 2016Updated 9 years ago
- Anti-Anti-VM solution via Windows Driver☆62May 8, 2018Updated 7 years ago
- Windbg extension to find PatchGuard pages☆123Jun 24, 2014Updated 11 years ago
- Modified edition of cuckoomon☆51Jun 4, 2018Updated 7 years ago
- Elevation of privilege detector based on HyperPlatform☆123Mar 5, 2017Updated 8 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆79Jan 24, 2011Updated 15 years ago
- A drop-in replacement for the C++ STL for kernel mode Windows drivers. The goal is to have implementations for things like the standard a…☆33Jul 12, 2016Updated 9 years ago
- Hook IDT vector 0xb2 to detect SCI in 64bit windows.☆34Aug 27, 2022Updated 3 years ago