Kernel mode minifilter driver and User mode C# API for filesystem events monitoring
-
Updated
Jun 26, 2023 - C
Kernel mode minifilter driver and User mode C# API for filesystem events monitoring
FileRedirector
Le petit Minifilter Driver surveillant file I/O de processus
Filesystem minifilter driver spying on IO operations
Windows kernel development in Rust is not widely used yet. Therefore, here is a simple example of a driver and minifilter written in Rust. Also, I've written some helpful crates. Enjoy!
Source code for the blog post "Ransomware in the honeypot: how we capture keys with sticky canary files"
Procmonel is Procmon like monitoring system implemented using Microsoft WDK
Windows Minifilter Driver in pure Rust
Record & prevent file deletion in kernel mode
File system minifilter driver for Windows to block symbolic link attacks.
Permission Filesystem Minifilter
Easy Transparent Encrypted File System Based on Minifilter File System Driver
Ransomware detection application for Windows using Windows Minifilter driver
NTFS minifilter driver that can download file content from a remote location, when it is opened for the first time.
Add a description, image, and links to the minifilter-driver topic page so that developers can more easily learn about it.
To associate your repository with the minifilter-driver topic, visit your repo's landing page and select "manage topics."