weixu8 / RegistryMonitor
Formerly KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun locations and prompting the user whether they want to allow the creation of the key. More of an experiment into Kernel level SSDT hooks but a fun project nonetheless.
☆21 Updated 11 years ago
Alternatives and similar repositories for RegistryMonitor
Users that are interested in RegistryMonitor are comparing it to the libraries listed below
- A tool to investigate the Windows device manager ☆13 Updated 6 years ago
- Send SECURE_ERASE_UNIT and SANITIZE_DEVICE ATA command to hard disks ☆50 Updated 11 years ago
- ☆27 Updated 10 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu ☆17 Updated 10 years ago
- A simple ransomware defender. It uses a minifilter to filter "rewrite" and "delete" events in the kernel, and it handles events in user mode. ☆27 Updated 7 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers ☆34 Updated 8 years ago
- a network filter using NDIS hook technique ☆19 Updated 12 years ago
- ☆36 Updated 5 years ago
- WoW64 -> x64 ☆18 Updated 9 years ago
- UI application that can compare PE images in memory or in raw PE file ☆19 Updated 11 years ago
- windows kernel File redirection ☆20 Updated 11 years ago
- The Windows driver and device management program for NDAS devices such as the NetDISK. ☆16 Updated 9 years ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK ☆12 Updated 6 years ago
- use crystalCPUID to identify vt-x & amd-v ☆17 Updated 10 years ago
- Open Source Libraries Collection ☆24 Updated 10 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory. ☆21 Updated 2 years ago
- Event Tracing for Windows Custom Events ☆21 Updated 11 years ago
- A WDM Windows driver to issue IO to storage devices with asynchronous multithreaded processing ☆21 Updated 9 years ago
- x64 Kernel Hooks Detection ☆24 Updated 9 years ago
- copy of tdifw lib ☆10 Updated 8 years ago
- This is a demo project to illustrate the way to verify and restore original SST in case of some malware hooks ☆33 Updated 8 years ago
- ☆14 Updated 7 years ago
- Final Transparent encrypted version ☆14 Updated 9 years ago
- Hook IDT vector 0xb2 to detect SCI in 64bit windows. ☆34 Updated 3 years ago
- Kernel mode driver for writing to physical disk with SL_FORCE_DIRECT_WRITE ☆25 Updated 11 years ago
- PE Infector/Cryptor source code ☆16 Updated 8 years ago
- File downloader with SSL support and progress bar ☆19 Updated 8 years ago
- Windows Simple Process Logger implemented as driver ☆18 Updated 8 years ago
- idenLib (Library Function Identification) plugin for x32dbg ☆41 Updated 6 years ago
- ☆29 Updated 5 years ago