pagiux / IRPLogger
A minifilter driver to capture processes behavior from a filesystem prospective.
☆14Updated 5 months ago
Alternatives and similar repositories for IRPLogger:
Users that are interested in IRPLogger are comparing it to the libraries listed below
- Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware☆36Updated 4 years ago
- Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)☆24Updated 3 years ago
- Public datasets of malware and benign executable files (Windows EXE files). The dataset can be used by cybersecurity researchers focusing…☆23Updated last year
- RanSAP: An Open Dataset of Ransomware Storage Access Patterns for Training Machine Learning Models☆28Updated 7 months ago
- A new idea to build an anti ransomware☆23Updated 4 years ago
- Dataset of packed PE samples☆33Updated 8 months ago
- Research tool able to detect and mitigate evasion techniques used by malware in-the-wild☆11Updated 2 years ago
- Library to hide DBI artifacts when using Intel Pin. Code from the ASIA CCS 2019 paper "SoK: Using Dynamic Binary Instrumentation for Secu…☆22Updated 5 years ago
- Ransomware detection application for Windows using Windows Minifilter driver☆84Updated 4 years ago
- IntroVirt is an guest introspection library for KVM☆54Updated 7 months ago
- ☆13Updated 4 years ago
- ☆13Updated 5 years ago
- Windows disk filter driver to demonstrate sector write redirection☆39Updated 11 years ago
- A minifilter driver preserves all modified and deleted files.☆81Updated 9 years ago
- ☆28Updated 7 years ago
- ☆19Updated 2 weeks ago
- Windows Simple Process Logger implemented as driver☆18Updated 7 years ago
- Example WDF/KMDF driver and test app demonstrating the "inverted call model"☆34Updated 4 years ago
- ☆21Updated 9 years ago
- Ransomware Dataset for arXiv:1609.03020☆23Updated 3 years ago
- [SmartCom2017] An Effective Malware Detection based on Behaviour and Data Feature☆19Updated 6 years ago
- 🔍 "2015 Microsoft Malware Classification Challenge" - Using machine learning to classify malware into different families based on Window…☆25Updated last year
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK☆12Updated 5 years ago
- Example of real-time Windows ETW packet capture session☆53Updated 7 years ago
- capemon: CAPE's monitor☆110Updated last week
- 基于Intel BTS(Branch Trace Store)技术开发实现的线程级代码追踪工具☆9Updated 4 years ago
- Ransomware dataset, containing dynamic behaviour of more than 60 distinct ransomware families.☆11Updated 2 years ago
- Effects of packers on machine-learning-based malware classifiers that use only static analysis☆85Updated 9 months ago
- ☆31Updated 4 years ago
- Windows file system minifilter driver which generates backup copies of certain files before they change☆47Updated 6 years ago