Kernel-mode rootkit that connects to a remote server to send and receive commands using the TDI (Transport Driver Interface) network layer.
Project compiled using VS 2013 and WDK 8.1.
To use, change the IP address in both the driver and the server.
Only Win 7 x86 is supported for the moment.
Use under virtualization.
Function Hashing (API functions resolved at runtime using hashing)
Process Explorer
Thread Explorer
File Explorer
File Transfer (Kernel to server)
TDI connections filter
TDI send filter
Encrypted communications (RC4)
More information about project parts and overview can be found here