socjordi / sauron
Windows Monitoring Agent (process creation + DLL loading monitor + network monitor + file system access monitor + etc)
☆61 Updated 5 years ago
Related projects
Alternatives and complementary repositories for sauron
- windows rpc: HelloWorld implemented using MIDL+RPC ☆21 Updated 6 years ago
- ☆32 Updated 4 years ago
- PoC executable packer using resources ☆31 Updated 8 years ago
- It can extract functions from .dll, .exe, .sys and it works! :) ☆38 Updated 5 years ago
- A driver to intercept low level windows events ☆60 Updated 5 years ago
- ☆17 Updated 6 years ago
- For Example. See Miro's Blog ☆29 Updated last year
- A simple ransomware defender. It uses a minifilter to filter "rewrite" and "delete" events in the kernel, and it handles events in user mode. ☆27 Updated 6 years ago
- HTTP/HTTPS/DNS inspector (windows driver) ☆24 Updated 5 years ago
- Static Library For Windows Drivers ☆30 Updated this week
- Big Cousin's (大表哥) Syscall-Monitor ☆34 Updated 5 years ago
- View handles and object for each object type ☆63 Updated 5 years ago
- ☆27 Updated 3 years ago
- Open Source Libraries Collection ☆24 Updated 8 years ago
- a sandbox project by sudami ☆16 Updated 6 years ago
- Kernel (Ring0) - SSDT unhook driver ☆13 Updated 6 years ago
- ☆33 Updated 4 years ago
- kernel-mode TDI client which can send and receive HTTP requests ☆55 Updated 6 years ago
- map driver to memory ☆25 Updated 6 years ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK ☆11 Updated 4 years ago
- a network filter using NDIS hook technique ☆19 Updated 11 years ago
- ☆29 Updated 3 years ago
- Windows Console Monitor ☆32 Updated 5 years ago
- ☆19 Updated 6 years ago
- Example of hijacking system calls via function pointer tables ☆31 Updated 3 years ago
- Windows Minifilter driver that redirects any I/O Request of mp3 files to a target file ☆16 Updated 9 years ago
- ☆23 Updated 5 years ago
- Active defense: network filter (firewall) ☆5 Updated last year