weixu8 / RegistryMonitor
Formerly KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun locations and prompting the user whether they want to allow the creation of the key. More of an experiment into kernel-level SSDT hooks, but a fun project nonetheless.
☆21 Updated 11 years ago
Alternatives and similar repositories for RegistryMonitor:
Users that are interested in RegistryMonitor are comparing it to the libraries listed below
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu ☆16 Updated 9 years ago
- just a lite AntiRootkit for interesting ☆23 Updated 9 years ago
- A simple ransomware defender. It uses a minifilter to filter "rewrite" and "delete" events in the kernel, and it handles events in user mode. ☆27 Updated 6 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory. ☆20 Updated last year
- SSDT Hook Detection tool ☆13 Updated 8 years ago
- Windows anti-rootkit library ☆38 Updated 10 years ago
- a network filter using NDIS hook technique ☆19 Updated 12 years ago
- ☆28 Updated 4 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers ☆34 Updated 8 years ago
- windows kernel File redirection ☆20 Updated 10 years ago
- Send SECURE_ERASE_UNIT and SANITIZE_DEVICE ATA command to hard disks ☆47 Updated 11 years ago
- ☆10 Updated 8 years ago
- ☆33 Updated 4 years ago
- UI application that can compare PE images in memory or in raw PE file ☆17 Updated 11 years ago
- Open Source Libraries Collection ☆24 Updated 9 years ago
- ☆19 Updated 5 years ago
- A Hobbyist Operating System based off the ReactOS/NT Kernel experimenting with OS Development. ☆26 Updated 12 years ago
- copy of tdifw lib ☆10 Updated 7 years ago
- x64 Kernel Hooks Detection ☆24 Updated 8 years ago
- Notes my learning steps about Windows-NT ☆23 Updated 7 years ago
- Windows filter driver - helloworld ☆22 Updated 9 years ago
- Various WinDbg extensions and scripts ☆31 Updated 6 years ago
- Windows Simple Process Logger implemented as driver ☆18 Updated 7 years ago
- A tool to investigate the Windows device manager ☆14 Updated 6 years ago
- OpenHIPS prevents exploitation of Windows systems ☆34 Updated 12 years ago
- Kernel (Ring0) - SSDT unhook driver ☆14 Updated 7 years ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK ☆12 Updated 5 years ago
- HTTP/HTTPS/DNS inspector (windows driver) ☆26 Updated 6 years ago
- Final Transparent encrypted version ☆14 Updated 8 years ago
- ☆12 Updated 8 years ago