pagiux / IRPLoggerLinks
A minifilter driver to capture processes behavior from a filesystem prospective.
☆15Updated 11 months ago
Alternatives and similar repositories for IRPLogger
Users that are interested in IRPLogger are comparing it to the libraries listed below
Sorting:
- This repo is created to perform I/O Request Packet (IRP) driven ransomware analysis where the IRP logs were collected during ransomware e…☆11Updated 5 years ago
- 🔍 "2015 Microsoft Malware Classification Challenge" - Using machine learning to classify malware into different families based on Window…☆29Updated last year
- Public datasets of malware and benign executable files (Windows EXE files). The dataset can be used by cybersecurity researchers focusing…☆23Updated 2 years ago
- Malware datasets tagged by behavior, platform, vulnerability, and packer☆25Updated last year
- RanSAP: An Open Dataset of Ransomware Storage Access Patterns for Training Machine Learning Models☆27Updated last year
- Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)☆24Updated 3 years ago
- ☆15Updated 5 years ago
- A new idea to build an anti ransomware☆24Updated 4 years ago
- Virtual Machine Introspection (VMI) for memory forensics and machine-learning.☆27Updated 3 months ago
- Meltdown/Spectre PoC for Windows☆26Updated 6 years ago
- Defense from the 2020 Microsoft Evasion Competition☆17Updated 4 years ago
- ☆38Updated last year
- A Deep Learning ensemble that classifies Windows executable files as either benign, ransomware, or other malware.☆27Updated 6 years ago
- capemon: CAPE's monitor☆126Updated this week
- Malware Classification using Machine learning☆72Updated 10 months ago
- Effects of packers on machine-learning-based malware classifiers that use only static analysis☆87Updated last year
- Dataset of packed PE samples☆38Updated last year
- Ransomware dataset, containing dynamic behaviour of more than 60 distinct ransomware families.☆10Updated 3 years ago
- This repository contains D-TIME: Distributed Threadless Independent Malware Execution for Runtime Obfuscation.☆37Updated 4 years ago
- Ransomware detection application for Windows using Windows Minifilter driver☆88Updated 5 years ago
- Malware Classification and Labelling using Deep Neural Networks☆39Updated 5 years ago
- ☆14Updated 6 years ago
- This repository contains dynamic and static tools for IoT malware analysis☆21Updated 3 years ago
- Robust Automated Malware Unpacker☆85Updated 2 years ago
- Training and testing pipeline for ransomware classification based on screenshots of the splash screens or ransom notes (https://arxiv.org…☆11Updated 5 years ago
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆127Updated 3 years ago
- KVM Virtual Machine Introspection Library☆47Updated last year
- A minifilter driver preserves all modified and deleted files.☆80Updated 10 years ago
- AVCLASS++: Yet Another Massive Malware Labeling Tool☆14Updated 5 years ago
- Windows disk filter driver to demonstrate sector write redirection☆40Updated 11 years ago