https://github.com/VKrebs/screen-sentinel

🛡️ Screen Sentinel – A personnal challenge to build a secure, tamper-resistant Windows lock screen overlay. The goal: block all interaction while keeping the desktop visible, persist as a Windows Service, enforce security restrictions, and log access attempts. 🔒
https://github.com/VKrebs/screen-sentinel

dotnet experimental hacking hardening lockscreen screen-lock security session-management windows-security

Last synced: about 1 month ago
JSON representation

🛡️ Screen Sentinel – A personnal challenge to build a secure, tamper-resistant Windows lock screen overlay. The goal: block all interaction while keeping the desktop visible, persist as a Windows Service, enforce security restrictions, and log access attempts. 🔒

• Host: GitHub
• URL: https://github.com/VKrebs/screen-sentinel
• Owner: VKrebs
• License: mit
• Created: 2025-03-09T17:57:12.000Z (about 2 months ago)
• Default Branch: main
• Last Pushed: 2025-03-09T18:28:38.000Z (about 2 months ago)
• Last Synced: 2025-03-09T19:29:45.680Z (about 2 months ago)
• Topics: dotnet, experimental, hacking, hardening, lockscreen, screen-lock, security, session-management, windows-security
• Homepage:
• Size: 2.93 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-hacking-lists - VKrebs/screen-sentinel - 🛡️ Screen Sentinel – A personnal challenge to build a secure, tamper-resistant Windows lock screen overlay. The goal: block all interaction while keeping the desktop visible, persist as a Windows Serv (PowerShell)

README

        
# 🛡️ Screen Sentinel  

**A personal challenge to build a tamper-resistant Windows lock screen overlay.**    

---

## 🔍 About  

**Screen Sentinel** is an **experimental project** aimed at creating a **secure, transparent lock screen overlay** for Windows. The (unoriginal) idea is simple:  

- Lock down all user interaction **while keeping the screen visible**.  

- Persist as a **Windows Service** to prevent easy termination.  

- **Enforce system restrictions** (disable Task Manager, prevent process launches, etc.).  

- **Log access attempts** and system events for security tracking.  

Right now, **this is a personal project**, **not a commercial-grade solution**. Expect **experimentation, work-in-progress code**, and possibly some fun security challenges along the way! 😃  

---

## ⚡ Features (Planned & In Progress)  

🚧 **Transparent lock UI** – Block input while keeping the desktop visible.  

🚧 **Windows Service integration** – Ensures persistence on startup.  

🚧 **Security restrictions** – Disable Task Manager, Explorer, etc.  

🚧 **Tamper resistance** – Prevent process termination and work around `Ctrl+Alt+Del`.  

🚧 **Authentication methods** – Start with password, later explore EntraID, biometrics or hardware unlock.  

🚧 **Audit logging** – Log access attempts and security events to Windows Event Log.  

---

## 🎯 Goals & Challenges  

This project is **more of a challenge than a product**. Some things I’m exploring:  

- **Windows APIs & Security:** `CreateProcessAsUser`, privilege escalation, and system restrictions.  

- **Process & Service Management:** How to make a persistent watchdog for a security app.  

- **Bypass Prevention:** Understanding what users *can* and *can’t* do when trying to escape the lock.  

- **Logging & Auditing:** How to track security events effectively.  

If you're interested in **low-level Windows hacking**, **security engineering**, or **kiosk-like system lockdowns**, this might be for you!  

---

## 🛠️ Setup & Running (WIP)  

⚠️ **Warning:** This is an early-stage project and may break things. Use with caution.  

### **Requirements**  

- Windows 10 or 11  

- .NET (for the service and UI)  

### **Running the Project**  

*(Steps will be added as development progresses!)*  

---

## 🗺️ Roadmap  

🔹 **Phase 1:** Core functionality – lock UI, input blocking, simple service.  

🔹 **Phase 2:** Process hardening – prevent termination, restrict system features.  

🔹 **Phase 3:** Authentication methods – password, EntraID, biometrics, etc.  

🔹 **Phase 4:** Logging & security auditing.  

🔹 **Phase 5:** (Maybe) More advanced security enhancements.  

---

## 🤝 Contributions & Feedback  

Since this is an **exploratory project**, I welcome **ideas, feedback, and discussions!**   

If you have insights on **Windows security, system lockdown techniques, or general improvements**, feel free to open an issue or share thoughts.   

For now, this is a personal project, so **contributions are informal**, but if things evolve, I may open it up more!  

---

## 📜 License  

This project is licensed under the **MIT License**. See the [LICENSE](LICENSE) file for details.  

---

## 📢 Disclaimer  

This is a **learning project**, not an enterprise security solution. **Use at your own risk** – it might have **security flaws, incomplete features, or bugs**. If you find a cool bypass, let me know! 😃