README.md
host.py
tasklist.txt
vm.py

WinWizard

A Virtual Machine Introspection tool built on the vmitools platform (http://code.google.com/p/vmitools/) that detects rootkits by finding hidden processes on Windows XP 32-bit and Windows 7 32-bit virtual machines.

Dependencies

  1. pywin32 - http://downloads.sourceforge.net/project/pywin32/pywin32/Build%20218/pywin32-218.win-amd64-py2.7.exe?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fpywin32%2Ffiles%2Fpywin32%2FBuild%2520218%2F&ts=1381713953&use_mirror=softlayer-dal
  2. zope interface 4.0.5 - https://pypi.python.org/packages/3.2/z/zope.interface/zope.interface-4.0.5.win-amd64-py3.2.exe
  3. Twisted-13.1.0 - http://twistedmatrix.com/Releases/Twisted/13.1/Twisted-13.1.0.win-amd64-py2.7.msi

NOTE: The links are for 64-bit versions of Windows, but the scripts in this directory should run on any version.