NotInfecktya is a modern cybersecurity solution that defends users and companies from ransomware 👾, built entirely in Windows kernel mode. It comes with a beautiful graphical interface that lets users start and stop the driver, open the backup folder (note that the driver has to be stopped before the user can recover their data), and release the backup space on disk. If a company wants to perform programmatic operations on the file system, it needs to connect to the driver and use the interface token; contact our team and we can provide some code for reference.
Our honeypot system works in kernel mode and relies on the Windows file listing order: its decoy files have different terms at the beginning of the file name, such as ._, aa and zz. It has three files with .txt and .docx extensions, in case the ransomware tries to filter the list by extension. This makes the files appear at the beginning or at the end of the ransomware's encryption list.
Our common extension blacklist prevents the creation or renaming of files with a specified ending that is considered potentially malicious.
Our entropy monitoring compares the old file in the backup with the changed one and checks, by magic bytes, whether it was totally encrypted, or whether more than two file changes happened in less than 10 seconds.
- If the user wants to make a large change to the files, they can use our token to do so.
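
The two checks described above, sketched in user-mode C as an added example (this is not NotInfecktya's driver code). The 4-byte signature length, the 7.0 bits-per-byte entropy threshold, the pairing of the magic-byte comparison with a Shannon entropy measure, and all function names are assumptions; only the "more than two changes" and "less than 10 seconds" figures come from the text.

```c
#include <stddef.h>
#include <string.h>
#define MAGIC_LEN 4        /* assumed: leading bytes treated as the file signature */
#define ENTROPY_LIMIT 7.0  /* assumed threshold, in bits per byte */
#define WINDOW_SECS 10     /* from the text: less than 10 seconds */
#define MAX_CHANGES 2      /* from the text: more than two changes */

/* Series-based log2 for x > 0, so the block needs no libm. */
static double log2_approx(double x) {
    double e = 0.0;
    while (x >= 2.0) { x /= 2.0; e += 1.0; }
    while (x < 1.0)  { x *= 2.0; e -= 1.0; }
    double y = (x - 1.0) / (x + 1.0), term = y, sum = 0.0;
    for (int k = 1; k < 30; k += 2) { sum += term / k; term *= y * y; }
    return e + 2.0 * sum / 0.6931471805599453;  /* ln(x) / ln(2) */
}

/* Shannon entropy in bits per byte: 0.0 (constant) to 8.0 (uniform). */
double shannon_entropy(const unsigned char *buf, size_t len) {
    size_t counts[256] = {0};
    double h = 0.0;
    for (size_t i = 0; i < len; i++) counts[buf[i]]++;
    for (int b = 0; b < 256; b++) {
        if (counts[b] == 0) continue;
        double p = (double)counts[b] / (double)len;
        h -= p * log2_approx(p);
    }
    return h;
}

/* 1 when the changed file lost the backup copy's magic bytes and is high entropy. */
int looks_encrypted(const unsigned char *old, size_t old_len,
                    const unsigned char *cur, size_t cur_len) {
    if (old_len < MAGIC_LEN || cur_len < MAGIC_LEN) return 0;
    if (memcmp(old, cur, MAGIC_LEN) == 0) return 0;  /* signature intact */
    return shannon_entropy(cur, cur_len) > ENTROPY_LIMIT;
}

/* Last MAX_CHANGES + 1 change times (seconds); zero-initialize before use. */
typedef struct { long times[MAX_CHANGES + 1]; int count; } change_window;
/* 1 once more than MAX_CHANGES changes land in under WINDOW_SECS. */
int record_change(change_window *w, long now) {
    if (w->count == MAX_CHANGES + 1) {  /* full: drop the oldest time */
        memmove(w->times, w->times + 1, MAX_CHANGES * sizeof(long));
        w->count--;
    }
    w->times[w->count++] = now;
    return w->count == MAX_CHANGES + 1 && now - w->times[0] < WINDOW_SECS;
}
```

A plain-text file rewritten with different plain text changes its leading bytes but stays well below the entropy threshold, so it is not flagged by `looks_encrypted`; a burst of such edits is still caught by `record_change`.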
Our backup has kernel protection of its folders and saves on every write operation to a file. Only the user can access the files it contains, by turning off the driver via the graphical interface.
- Clean the backup every now and then... we don't have a self-cleaning mechanism yet
- NotInfecktya Persistence
- Soldiers Auto-Generator
- Backup Updates
- PPID Terminate
- Install .NET 6
Disable Windows protection against unsigned drivers from cmd:
bcdedit.exe /set testsigning on
Execute NotInfecktyaInstaller.exe to run the setup. After that, open the application and click "Add Soldiers" to add the decoy files (it takes around 5 minutes).
When it completes, click the "on" button to start the driver and get your token...
Now your system is safe. Thanks for choosing us!!!😁