weixu8 / RegistryMonitor
Formerly KMon, a Windows kernel driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun locations and prompting the user whether they want to allow the creation of the key. More of an experiment into kernel-level SSDT hooks, but a fun project nonetheless.
☆21Updated 11 years ago
Alternatives and similar repositories for RegistryMonitor
Users that are interested in RegistryMonitor are comparing it to the libraries listed below
- A simple ransomware defender. It uses a minifilter to filter "rewrite" and "delete" events in the kernel, and it handles events in user mode.☆27Updated 7 years ago
- a network filter using NDIS hook technique☆19Updated 12 years ago
- A tool to investigate the Windows device manager☆12Updated 6 years ago
- ☆33Updated 5 years ago
- ☆27Updated 10 years ago
- Windows kernel file redirection☆20Updated 11 years ago
- UI application that can compare PE images in memory or in raw PE file☆19Updated 11 years ago
- The Windows driver and device management program for NDAS devices such as the NetDISK.☆16Updated 9 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu☆17Updated 9 years ago
- A WDM Windows driver to issue IO to storage devices with asynchronous multithreaded processing☆21Updated 9 years ago
- Send SECURE_ERASE_UNIT and SANITIZE_DEVICE ATA commands to hard disks☆50Updated 11 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.☆21Updated 2 years ago
- WoW64 -> x64☆19Updated 9 years ago
- An alternative tool to Sysinternals WinObj tool (nicer icons!)☆37Updated 7 years ago
- A command line tool to load and unload a device driver.☆46Updated 8 years ago
- A simple native code virtualizer for 32-bit Windows PE☆15Updated 9 years ago
- Windows filter driver - helloworld☆24Updated 10 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers☆35Updated 8 years ago
- Windows anti-rootkit library☆36Updated 10 years ago
- ☆29Updated 4 years ago
- Reverse engineered vmware workstation code to aid in kernel debugging.☆14Updated 9 years ago
- Bypass several specific HackShield SSDT hooks in Ring0☆24Updated 10 years ago
- ☆12Updated 8 years ago
- Windows Kernel Driver - Create a driver device in the TDI layer of the Windows kernel to capture network data packets☆37Updated 11 years ago
- Final Transparent encrypted version☆14Updated 8 years ago
- Windows Simple Process Logger implemented as driver☆18Updated 8 years ago
- A Hobbyist Operating System based off the ReactOS/NT Kernel experimenting with OS Development.☆28Updated 13 years ago
- copy of tdifw lib☆10Updated 8 years ago
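- Builds an open-source mandatory access control framework and SDK on Windows, so that application developers on the Windows platform can protect their own applications with simple SDK calls or configuration, without having to deal with the underlying operating system internals.☆34Updated 9 years ago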
- Library for ETW, ProcessTracker sample based on ETW☆34Updated 8 years ago