Formerly KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun locations and prompting the user whether they want to allow the creation of the key. More of an experiment into Kernel level SSDT hooks but a fun project nonetheless.
☆21 · Feb 15, 2014 · Updated 12 years ago
Alternatives and similar repositories for RegistryMonitor
Users that are interested in RegistryMonitor are comparing it to the libraries listed below
- Microsoft Windows real time file integrity monitoring and filtering using minifilter technology, this was my university final project ☆11 · Oct 17, 2014 · Updated 11 years ago
- Kernel Context [template c++] Library - K C L. Your stl for work in linux/windows kernel !!! ☆11 · Jul 24, 2018 · Updated 7 years ago
- Minifilter Driver ☆15 · Feb 10, 2017 · Updated 9 years ago
- ☆17 · Mar 3, 2016 · Updated 10 years ago
- Block process execute kernel driver for Windows x64 ☆19 · Apr 7, 2016 · Updated 9 years ago
- This is a demo project to illustrate the way to verify and restore original SST in case of some malware hooks ☆33 · Mar 2, 2017 · Updated 9 years ago
- Windows Kernel Mode PCRE ☆10 · Feb 4, 2015 · Updated 11 years ago
- My solutions for random crackmes and other challenges ☆12 · Dec 23, 2019 · Updated 6 years ago
- A system call tracer ☆10 · Sep 22, 2014 · Updated 11 years ago
- Windows Device Driver Development CD (sample code) ☆10 · Jan 14, 2013 · Updated 13 years ago
- Example of intel virtualization extensions usage ☆10 · Dec 15, 2016 · Updated 9 years ago
- a network filter using NDIS hook technique ☆19 · Mar 28, 2013 · Updated 12 years ago
- A WDM Windows driver to issue IO to storage devices with asynchronous multithreaded processing ☆21 · Aug 28, 2016 · Updated 9 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers ☆34 · Mar 13, 2017 · Updated 8 years ago
- some classes which can help me to program kernel driver in Windows. ☆16 · Feb 9, 2018 · Updated 8 years ago
- Enumerates very, very large directories quickly by directly using kernel syscalls. For POSIX and Windows. WARNING THIS IS OBSOLETE. USE B… ☆15 · Aug 13, 2014 · Updated 11 years ago
- RunPE dump - I wrote this to have better control over the analysis of malware. I can stop and analyze malware when it uses some of the … ☆10 · Jul 1, 2015 · Updated 10 years ago
- Automatically exported from code.google.com/p/guardlite ☆11 · Jul 2, 2015 · Updated 10 years ago
- Demos presented on Hackerfest 2015 ☆14 · Nov 9, 2015 · Updated 10 years ago
- Services and Drivers control application ☆19 · Jul 24, 2017 · Updated 8 years ago
- Memory management is one of the most important parts of the operating system. KSM (Kernel Samepage Merging) in Linux kernel is a kind of… ☆13 · Apr 8, 2018 · Updated 7 years ago
- pass game protect ☆12 · Apr 26, 2014 · Updated 11 years ago
- ☆10 · Mar 30, 2016 · Updated 9 years ago
- Ssdt Hook Detection tool ☆13 · Nov 11, 2016 · Updated 9 years ago
- A remote desktop control suite ☆16 · Jun 28, 2014 · Updated 11 years ago
- C++ wrapper for capstone (x86 only) ☆15 · Jul 27, 2017 · Updated 8 years ago
- ☆14 · Aug 15, 2018 · Updated 7 years ago
- PE Infector/Cryptor source code ☆16 · Apr 30, 2017 · Updated 8 years ago
- WoW64 -> x64 ☆18 · Oct 1, 2016 · Updated 9 years ago
- midfunction d3d basehook for winxp, win7, win8, win10 ☆17 · Jan 21, 2019 · Updated 7 years ago
- WinPCAP for NDIS 6.x ☆14 · Jun 24, 2019 · Updated 6 years ago
- ☆15 · Dec 26, 2017 · Updated 8 years ago
- Demo List cm/ps/ob/minifilter callback And Patch/Bypass it ☆29 · Dec 5, 2017 · Updated 8 years ago
- Various libraries focused on examining/parsing NTFS-specific structures ☆16 · Oct 25, 2015 · Updated 10 years ago
- ☆14 · Jun 27, 2017 · Updated 8 years ago
- Example library for how to dynamically/statically hook/intercept unmanaged functions and APIs ☆13 · Nov 9, 2022 · Updated 3 years ago
- An aggregate of tools used in the core of vmp_dbg plus other parsing utils to parse vmp bc. ☆16 · Oct 18, 2016 · Updated 9 years ago
- Another x86 emulator which is like bochs. But it is much weaker in functionality. As it is a course project, now we only want to emulat… ☆18 · Jan 5, 2014 · Updated 12 years ago
- File downloader with SSL support and progress bar ☆19 · Sep 14, 2017 · Updated 8 years ago