GitHub - Marsh61/Windows-Driver-Hook-ZwEnumerateValueKey: This driver will hook the ZwEnumerateValueKey on 32 bit windows systems by hooking the function through the SSDT table. The malicious hook will hide registry keys with a name that contains "_root

Marsh61 / Windows-Driver-Hook-ZwEnumerateValueKey Public

Notifications You must be signed in to change notification settings
Fork 0
Star 1

This driver will hook the ZwEnumerateValueKey on 32 bit windows systems by hooking the function through the SSDT table. The malicious hook will hide registry keys with a name that contains "_root_"

1 star 0 forks Branches Tags Activity

Star

Notifications

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
Debug		Debug
HookSSDT2		HookSSDT2
Directory.Build.props		Directory.Build.props
HookSSDT2.sln		HookSSDT2.sln

About

This driver will hook the ZwEnumerateValueKey on 32 bit windows systems by hooking the function through the SSDT table. The malicious hook will hide registry keys with a name that contains "_root_"

Activity

1 star

2 watching

0 forks

Report repository