https://github.com/azuregreen/arkprotect

An Ark tool project，run on Win7 x86/x64
https://github.com/azuregreen/arkprotect

driver kernel

Last synced: 8 months ago
JSON representation

An Ark tool project，run on Win7 x86/x64

• Host: GitHub
• URL: https://github.com/azuregreen/arkprotect
• Owner: AzureGreen
• Created: 2017-05-11T10:25:35.000Z (about 9 years ago)
• Default Branch: master
• Last Pushed: 2017-07-11T15:12:52.000Z (almost 9 years ago)
• Last Synced: 2025-04-11T01:41:32.571Z (about 1 year ago)
• Topics: driver, kernel
• Language: C
• Size: 353 KB
• Stars: 113
• Watchers: 7
• Forks: 63
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# ArkProtect

### Platform in Win7 x86/x64


## A Windows kernel watch tool which can protect PC somehow


#### Maybe some bugs exist, please test it in Virtual Machine

## process module:

1. Enumerate processes.

2. Enumerate process's loaded modules.

3. Enumerate process's running threads.

4. Enumerate process's openning handles.

5. Enumerate process's openning windows.

6. Enumerate process's userspace memory.

7. Terminate a process (by force).

## driver module:

1. Enumerate current loaded drivers.

2. Unload target driver.

## kernel module:

1. Enumerate system callbacks.

2. Enumerate filter drivers.

3. Enumerate timer object (IOTimer/ DpcTimer).

## kernel hook:

1. Now, just support ssdthookcheck & sssdthook check, it will support inline hook check in the future.