socjordi / sauronLinks
Windows Monitoring Agent (process creation + DLL loading monitor + network monitor + file system access monitor + etc)
☆63Updated 6 years ago
Alternatives and similar repositories for sauron
Users that are interested in sauron are comparing it to the libraries listed below
Sorting:
- ☆29Updated 4 years ago
- a sandbox project by sudami☆17Updated 7 years ago
- ☆35Updated 5 years ago
- Windows tool box library☆66Updated 7 years ago
- ☆18Updated 7 years ago
- A drop-in replacement for the C++ STL for kernel mode Windows drivers. The goal is to have implementations for things like the standard a…☆32Updated 9 years ago
- it can extract functions from .dll, .exe, .sys and it be work! :)☆40Updated 6 years ago
- A simple ransomware defender.It uses minifilter to filt "rewrite" and "delete" events in kernel.And it handles event in user mode.☆27Updated 7 years ago
- x64 Kernel Hooks Detection☆24Updated 8 years ago
- 粗暴地枚举管理内核的WFP对象。 Manage kernel WFPs in a brutal way.☆27Updated 7 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆27Updated 6 years ago
- Detects if a Kernel mode debugger is active by reading the value of KUSER_SHARED_DATA.KdDebuggerEnabled. It is a high level and portable …☆23Updated 8 years ago
- Two sided secure/insecure socket that can do SSL/TLS connections without the need for OpenSSL libraries. It uses the standard WinCrypt mo…☆32Updated 7 years ago
- An open source library for operating the Windows Overlay Filter driver.☆22Updated 6 years ago
- A minifilter driver preserves all modified and deleted files.☆80Updated 10 years ago
- Open Source Libraries Collection☆24Updated 9 years ago
- Driver Loader/BE Bypass/Win Malware(lol)☆36Updated 6 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.☆21Updated 2 years ago
- Library for ETW, ProcessTracker sample based on ETW☆34Updated 8 years ago
- Windows sandbox PoC☆32Updated 5 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆56Updated 7 years ago
- View handles and object for each object type☆64Updated 6 years ago
- Simple AntiVirus Driver example☆39Updated 8 years ago
- Windows file system minifilter driver which generates backup copies of certain files before they change☆48Updated 7 years ago
- Windows ndiscap.sys adapter for WinPcap applications☆27Updated 9 years ago
- Trace events in real time sessions☆45Updated 2 years ago
- Sysark全称system anti-rootkit,是我学习内核写的工具(2013年的代码,后续不会再更新),里面基本上所有的功能都是用内核实现的。这里只是实现了反rootkit部分功能,作为工具的话,本人觉得还欠完善,但作为学习,或有人需要。目前针对的是XP SP2,…☆27Updated 8 years ago
- Windows Console Monitor☆34Updated 6 years ago
- Example of real-time Windows ETW packet capture session☆54Updated 8 years ago
- ☆10Updated 6 years ago