Skip to content

oksbsb/ArkProtect

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits

ArkProtect

ArkProtect

 
 

ArkProtectApp

ArkProtectApp

 
 

ArkProtectDrv

ArkProtectDrv

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

ArkProtect.sln

ArkProtect.sln

 
 

README.md

README.md

 
 

icon.ico

icon.ico

 
 

Repository files navigation

ArkProtect

Platform in Win7 x86/x64

A Windows kernel watch tool which can protect PC somehow

Maybe some bugs exist, please test it in Virtual Machine

process module:

  1. Enumerate processes.

  2. Enumerate process's loaded modules.

  3. Enumerate process's running threads.

  4. Enumerate process's openning handles.

  5. Enumerate process's openning windows.

  6. Enumerate process's userspace memory.

  7. Terminate a process (by force).

driver module:

  1. Enumerate current loaded drivers.

  2. Unload target driver.

kernel module:

  1. Enumerate system callbacks.

  2. Enumerate filter drivers.

  3. Enumerate timer object (IOTimer/ DpcTimer).

kernel hook:

  1. Now, just support ssdthookcheck & sssdthook check, it will support inline hook check in the future.

About

An Ark tool project,run on Win7 x86/x64

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 53.0%
  • C++ 47.0%