pagiux / IRPLoggerLinks
A minifilter driver to capture processes behavior from a filesystem prospective.
☆14Updated 11 months ago
Alternatives and similar repositories for IRPLogger
Users that are interested in IRPLogger are comparing it to the libraries listed below
Sorting:
- This repo is created to perform I/O Request Packet (IRP) driven ransomware analysis where the IRP logs were collected during ransomware e…☆11Updated 5 years ago
- RanSAP: An Open Dataset of Ransomware Storage Access Patterns for Training Machine Learning Models☆27Updated last year
- Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)☆24Updated 3 years ago
- Ransomware detection application for Windows using Windows Minifilter driver☆88Updated 5 years ago
- 🔍 "2015 Microsoft Malware Classification Challenge" - Using machine learning to classify malware into different families based on Window…☆28Updated last year
- A new idea to build an anti ransomware☆24Updated 4 years ago
- Public datasets of malware and benign executable files (Windows EXE files). The dataset can be used by cybersecurity researchers focusing…☆24Updated 2 years ago
- Robust Automated Malware Unpacker☆85Updated 2 years ago
- Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware☆37Updated 4 years ago
- An implementation of the paper "ELF-Miner: Using Structural Knowledge and Data Mining Methods To Detect New (Linux) Malicious Executables…☆15Updated 6 years ago
- ☆15Updated 5 years ago
- AVCLASS++: Yet Another Massive Malware Labeling Tool☆14Updated 5 years ago
- ☆37Updated last year
- Defense from the 2020 Microsoft Evasion Competition☆17Updated 4 years ago
- ☆14Updated 6 years ago
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆125Updated 3 years ago
- Ransomware Dataset for arXiv:1609.03020☆25Updated 3 years ago
- A Deep Learning ensemble that classifies Windows executable files as either benign, ransomware, or other malware.☆27Updated 6 years ago
- Ransomware dataset, containing dynamic behaviour of more than 60 distinct ransomware families.☆10Updated 3 years ago
- Effects of packers on machine-learning-based malware classifiers that use only static analysis☆87Updated last year
- ☆13Updated 5 years ago
- capemon: CAPE's monitor☆125Updated this week
- Simple driver to register all available process, thread, image, Registry, and Object callbacks☆123Updated 7 years ago
- Library to hide DBI artifacts when using Intel Pin. Code from the ASIA CCS 2019 paper "SoK: Using Dynamic Binary Instrumentation for Secu…☆23Updated 5 years ago
- Malware Classification and Labelling using Deep Neural Networks☆38Updated 5 years ago
- IntroVirt is an guest introspection library for KVM☆56Updated last year
- ☆21Updated 3 months ago
- Source code on the 1.44MB 3.5 floppy accompanying the Windows NT File System Internals book.☆17Updated 6 years ago
- Dataset of packed PE samples☆38Updated last year
- This repository contains D-TIME: Distributed Threadless Independent Malware Execution for Runtime Obfuscation.☆37Updated 4 years ago