weixu8 / RegistryMonitor
Formerly KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun locations and prompting the user whether they want to allow the creation of the key. More of an experiment into Kernel level SSDT hooks but a fun project nonetheless.
☆21 Updated 11 years ago
Alternatives and similar repositories for RegistryMonitor
Users that are interested in RegistryMonitor are comparing it to the libraries listed below
- a network filter using NDIS hook technique ☆19 Updated 12 years ago
- ☆33 Updated 4 years ago
- UI application that can compare PE images in memory or in raw PE file ☆18 Updated 11 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu ☆17 Updated 9 years ago
- ☆15 Updated last year
- windows kernel File redirection ☆20 Updated 11 years ago
- WoW64 -> x64 ☆19 Updated 9 years ago
- A tool to investigate the Windows device manager ☆14 Updated 6 years ago
- Kernel (Ring0) - SSDT unhook driver ☆15 Updated 7 years ago
- A simple ransomware defender. It uses a minifilter to filter "rewrite" and "delete" events in the kernel, and it handles events in user mode. ☆27 Updated 7 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers ☆35 Updated 8 years ago
- ☆29 Updated 4 years ago
- Open Source Libraries Collection ☆24 Updated 9 years ago
- ☆28 Updated 9 years ago
- use crystalCPUID to identify vt-x & amd-v ☆17 Updated 10 years ago
- copy of tdifw lib ☆10 Updated 8 years ago
- PE Infector/Cryptor source code ☆16 Updated 8 years ago
- Demonstrate the new FileDispositionInfoEx behavior ☆14 Updated 7 years ago
- Final Transparent encrypted version ☆14 Updated 8 years ago
- windows api hooking (user mode) sample ☆21 Updated 11 years ago
- WhoCalls can query a directory of files, find the binaries, and search for a user specified Win API import. It and works with both 32-bit… ☆18 Updated 3 years ago
- The Windows driver and device management program for NDAS devices such as the NetDISK. ☆16 Updated 9 years ago
- ☆14 Updated 7 years ago
- A command line tool to load and unload a device driver. ☆47 Updated 8 years ago
- Notes my learning steps about Windows-NT ☆23 Updated 8 years ago
- Procmonel is Procmon like monitoring system implemented using Microsoft WDK ☆12 Updated 5 years ago
- ☆19 Updated 10 years ago
- Reverse engineered vmware workstation code to aid in kernel debugging. ☆14 Updated 9 years ago
- Windows filter driver - helloworld ☆24 Updated 10 years ago
- Send SECURE_ERASE_UNIT and SANITIZE_DEVICE ATA command to hard disks ☆49 Updated 11 years ago