Thanks to visit codestin.com
Credit goes to github.com

Skip to content

crossfireup/wkd

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits
ExplorePE
ExplorePE
 
 
HookControl
HookControl
 
 
HookSSDT
HookSSDT
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

WKD

this project include kernel-mode driver and user-mode control application

  • dirver
    • run in kernel-mode can modify SSDT function
    • log the process infomation that calls the modified syscall
    • log the process create and exit information
  • application
    • create service to control the driver's load, unload, etc
    • Simple analyze of the process image file

Prerequisties

  • install Visual Studio 2013
  • Windows Driver Kits 7

Installing

  • open the project file and build it, you get the driver file and application executable file
  • copy them to the same directory and open the exe file

ChangLog

  • develop a kernel driver and can install use devcon
  • develop a user-mode application that controls the driver

TODO

  • complete the IoControl within the driver
  • Add PE analysis to the application and perfect the window showup

contact

dobly [email protected]

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages