{"id":23946062,"url":"https://github.com/kalimcs/kernel-tools","last_synced_at":"2025-09-12T04:31:33.990Z","repository":{"id":270997527,"uuid":"911627144","full_name":"kalimcs/Kernel-Tools","owner":"kalimcs","description":"Anti-Rootkit","archived":false,"fork":false,"pushed_at":"2025-01-04T16:53:23.000Z","size":5519,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-04T17:27:22.439Z","etag":null,"topics":["anti-rootkit","ark","debugger","driver","drivers","kernel","kernel-tools","pchunter","tools","windows","windowskernel"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kalimcs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-01-03T13:15:27.000Z","updated_at":"2025-01-04T16:53:27.000Z","dependencies_parsed_at":"2025-01-04T17:38:13.284Z","dependency_job_id":null,"html_url":"https://github.com/kalimcs/Kernel-Tools","commit_stats":null,"previous_names":["kalimcs/kernel-tools"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kalimcs%2FKernel-Tools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kalimcs%2FKernel-Tools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kalimcs%2FKernel-Tools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kalimcs%2FKernel-Tools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/
owners/kalimcs","download_url":"https://codeload.github.com/kalimcs/Kernel-Tools/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":232693112,"owners_count":18562079,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anti-rootkit","ark","debugger","driver","drivers","kernel","kernel-tools","pchunter","tools","windows","windowskernel"],"created_at":"2025-01-06T08:21:43.450Z","updated_at":"2025-01-06T08:21:46.016Z","avatar_url":"https://github.com/kalimcs.png","language":null,"readme":"# Kernel-Tools\nKernel-Tools is an ARK (anti-rootkit) tool for the Windows platform          \nIt's a completely free tool                \nSupports Windows 10 - Windows 11          \n\n\n### Features\n\n1. View Process\\Drivers\\SystemCallBacks\\SystemNotifys\\MiniFilters\\IDT\\SSDT\\IoTimer.....\n2. Hide Process\n3. Force Hide Process(Erase PspCidTable\\Set Pid To 0 ...)\n4. TerminateProcess(ZwTerminateProcess)\n5. ForceTerminateProcess(Ignore any process protections)\n6. SetProcessPP(L)s\n7. SetProcessPid\n8. Set Process To System Critical Process\n9. SuspendProcess\n10. ResumeProcess\n11. ProtectProcess\n12. DISK/FSD/ScSi/Acpi/AtApi/KeyBoard/Mouse/PartMgr Hook Scan/Remove\n13. Prohibit CreateProcess/LoadDriver/Edit Registry/CreateFile/READ WRITE Disk BOOT Sector\n14. Dynamic Disable Driver Signature Enforcement / Enable Driver Signature Enforcement\n15. ForceDeleteFile(Ignore Irp Occupation/HardLink/Handle Occupation)\n16. FastShutDown\n17. FastReboot\n\n\n### Commandline\n\n1. 
\"Kernel Tools.exe\" -ddse (Dynamic Disable Driver Signature Enforcement)\n2. \"Kernel Tools.exe\" -edse (Dynamic Enable Driver Signature Enforcement)\n3. \"Kernel Tools.exe\" -reboot (fastreboot)\n4. \"Kernel Tools.exe\" -shutdown (fastshutdown)\n5. \"Kernel Tools.exe\" -prohibitcreatefile (prohibitcreatefile)\n6. \"Kernel Tools.exe\" -disabledprohibitcreatefile (disabledprohibitcreatefile)\n7. \"Kernel Tools.exe\" -forcedeletefile (forcedeletefile(The only entry point for ForceDeleteFile))\n\n\n### How to use\n\n1. Disable HVCI\n2. Open Kernel Tools.exe\n3. Select No in the pop-up selection box\n4. Wait to enter\n\n\n# Kernel-Views\n### Drivers\nEnum                  \n1. Driver Name\n2. Driver Base\n3. Driver Object\n4. Driver Path\n\n\n### System Callbacks/Notifys\nEnum       \n1. PsSetCreateProcessNotifyRoutine\n2. PsSetCreateProcessNotifyRoutineEx\n3. PsSetCreateProcessNotifyRoutineEx2\n4. PsSetCreateThreadNotifyRoutine\n5. PsSetCreateThreadNotifyRoutineEx\n6. PsSetLoadImageNotifyRoutine\n7. PsSetLoadImageNotifyRoutineEx\n8. KeRegisterBugCheckCallback\n9. KeRegisterBugCheckReasonCallback\n10. CmRegisterCallback\n11. CmRegisterCallbackEx\n12. IoRegisterShutdownNotification\n13. IoRegisterLastChanceShutdownNotification\n14. PoRegisterPowerSettingCallback\n15. IoRegisterFsRegistrationChange\n16. KeRegisterNmiCallback\n17. SeCiCallbacks\n18. PoRegisterCoalescingCallback\n19. IoRegisterPriorityCallback\n20. PsRegisterAltSystemCallHandler\n21. DbgSetDebugPrintCallback\n\nFeatures:\n\nEnum Type/Entry Address/Module  \nDisable Callback/Notify    \n\n\n\n### MiniFilter\nEnum      \n1. Filter\n2. Pre Operation\n3. Post Operation\n4. Module\n\nFeatures:\nRemove MiniFilter                 \n\n\n### SSDT\nEnum                 \n1. Function Name\n2. Function Address\n3. Module\n\nFeatures:\n\nSSDT Hook Scan\n\n### IDT\nEnum         \n1. IDT Function Address\n2. Module\n\n\n### IoTimer\nEnum           \n1. IoTimer Object Address\n2. IoTimer Entry Address\n3. 
Module\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkalimcs%2Fkernel-tools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkalimcs%2Fkernel-tools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkalimcs%2Fkernel-tools/lists"}