socjordi / sauron
Windows Monitoring Agent (process creation + DLL loading monitor + network monitor + file system access monitor + etc)
☆61Updated 5 years ago
Alternatives and similar repositories for sauron:
Users that are interested in sauron are comparing it to the libraries listed below
- windows rpc 使用MIDL+RPC实现HelloWorld☆21Updated 6 years ago
- ☆27Updated 4 years ago
- HTTP/HTTPS/DNS inspector (windows driver)☆25Updated 5 years ago
- Open Source Libraries Collection☆24Updated 9 years ago
- it can extract functions from .dll, .exe, .sys and it be work! :)☆38Updated 5 years ago
- Static Library For Windows Drivers☆33Updated last month
- A stack and register based virtual machine which can compile and execute arbitrary code in runtime☆41Updated 2 years ago
- ☆32Updated 4 years ago
- Windows file system minifilter driver which generates backup copies of certain files before they change☆46Updated 6 years ago
- ☆17Updated 6 years ago
- For Example. See Miro's Blog☆30Updated 2 years ago
- kernel-mode TDI client which can send and receive HTTP requests☆55Updated 6 years ago
- Windows tool box library☆64Updated 7 years ago
- a network filter using NDIS hook technique☆19Updated 11 years ago
- A minifilter driver for detecting and blocking ransomware virus☆26Updated 6 years ago
- 粗暴地枚举管理内核的WFP对象。 Manage kernel WFPs in a brutal way.☆26Updated 7 years ago
- Windows CVE主防(HIPS/HIDS)☆54Updated 3 years ago
- A driver to intercept low level windows events☆60Updated 5 years ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK☆11Updated 5 years ago
- 安全卫士项目☆32Updated 7 years ago
- 主动防御-网络过滤器(firewall)☆5Updated last year
- Windows Sandbox Framework☆37Updated 3 years ago
- 大表哥的Syscall-Monitor☆34Updated 5 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.☆19Updated last year
- Windows Console Monitor☆33Updated 5 years ago
- PoC executable packer using resources☆31Updated 8 years ago