pagiux / IRPLogger
A minifilter driver to capture processes behavior from a filesystem prospective.
☆14Updated 6 months ago
Alternatives and similar repositories for IRPLogger:
Users that are interested in IRPLogger are comparing it to the libraries listed below
- Ransomware detection application for Windows using Windows Minifilter driver☆84Updated 4 years ago
- ☆36Updated last year
- Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)☆24Updated 3 years ago
- Public datasets of malware and benign executable files (Windows EXE files). The dataset can be used by cybersecurity researchers focusing…☆23Updated last year
- A minifilter driver preserves all modified and deleted files.☆81Updated 9 years ago
- A software driver that lets you log kernel-mode debug output into a file on Windows.☆104Updated 6 years ago
- ☆14Updated 5 years ago
- Malware Classification and Labelling using Deep Neural Networks☆35Updated 5 years ago
- Dataset of packed PE samples☆34Updated 9 months ago
- Robust Automated Malware Unpacker☆84Updated 2 years ago
- RanSAP: An Open Dataset of Ransomware Storage Access Patterns for Training Machine Learning Models☆27Updated 8 months ago
- capemon: CAPE's monitor☆116Updated this week
- ☆13Updated 4 years ago
- ☆13Updated 5 years ago
- Technion CS Ransomware Project: Writing Windows Mini-Filter Driver to protect PC from Ransomware☆36Updated 4 years ago
- A new idea to build an anti ransomware☆23Updated 4 years ago
- Mem2Img: Memory-Resident Malware Detection via Convolution Neural Network☆25Updated 3 years ago
- Research tool able to detect and mitigate evasion techniques used by malware in-the-wild☆11Updated 2 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 4 years ago
- 🔍 "2015 Microsoft Malware Classification Challenge" - Using machine learning to classify malware into different families based on Window…☆25Updated last year
- Library to hide DBI artifacts when using Intel Pin. Code from the ASIA CCS 2019 paper "SoK: Using Dynamic Binary Instrumentation for Secu…☆22Updated 5 years ago
- This repository contains D-TIME: Distributed Threadless Independent Malware Execution for Runtime Obfuscation.☆35Updated 4 years ago
- Malware datasets tagged by behavior, platform, vulnerability, and packer☆23Updated last year
- Various WinDbg extensions and scripts☆31Updated 6 years ago
- anti-ransomware file-system filter☆58Updated 7 months ago
- Defense from the 2020 Microsoft Evasion Competition☆16Updated 3 years ago
- Virtual Machine Introspection (VMI) for memory forensics and machine-learning.☆26Updated 3 months ago
- ☆14Updated 6 years ago
- Example WDF/KMDF driver and test app demonstrating the "inverted call model"☆35Updated 4 years ago
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆125Updated 3 years ago