mirror of https://github.com/JKornev/hidden synced 2024-06-25 16:38:05 +00:00

39 Commits

Author SHA1 Message Date
JKornev
331952e7fc Improved looking for EPROCESS::ActiveProcessLinks algo 2021-08-28 02:11:47 +03:00
JKornev
5a678ce3c4 Fixed a bug with a process initialization flag in PsMonitor 2021-08-24 23:27:25 +03:00
JKornev
536a3ec3e8 Hiding a process from PspCidTable on Windows Vista and 7 2021-08-24 03:51:43 +03:00
JKornev
0c01afa4e1 Improved hiding from PspCidTable, works for new processes (win 8+) 2021-08-23 02:31:47 +03:00
JKornev
42644b71f5 The first working implementation of the hiding PspCidTable stuff (Win8+) 2021-08-21 23:22:51 +03:00
JKornev
1b76e90ada Optimized process table access 2021-08-15 03:18:53 +03:00
JKornev
1424bee8ee Added a test for a process hiding 2021-07-31 02:56:13 +03:00
JKornev
206258a6fe Added a cache to routine that looks for ActiveProcessLinks offset 2021-07-30 22:44:57 +03:00
JKornev
9e89ad1da0 Added an ability to configure hiding processes over a registry 2021-07-30 13:37:41 +03:00
JKornev
a2e5e8e901 Process table optimization for hidden processes 2021-07-30 03:08:33 +03:00
JKornev
9d3db08314 Implemented /unhide support for processes 2021-07-29 03:27:09 +03:00
JKornev
0628ceb520 Fix for reference leak and output in a driver 2021-07-29 01:00:45 +03:00
JKornev
3f5350a750 Kernel mode hiding process implementation 2021-07-28 22:30:35 +03:00
JKornev
8a9f37e8f2 Kernel level configuration for hidden processes 2021-07-25 23:15:32 +03:00
JKornev
1e965bbe2d Different small fixes 2021-07-24 15:31:02 +03:00
JKornev
7e1d00c2dd Fixed compilation errors on x64 arch 2021-07-05 01:30:25 +03:00
Jora Kornev
8e4dd95562
Update PsMonitor.c
Fix for log output (thx to hsheep)
2019-04-19 12:08:50 +03:00
JKornev
0e9e814c28 Threads protection fix 2018-12-20 02:53:44 +03:00
JKornev
01bba71d6d Logging improvements 2018-12-03 00:57:11 +03:00
JKornev
aed77ac670 Hardcoded exclusion for the system process 2017-02-18 16:39:47 +03:00
JKornev
d2af2c51e0 Fixes for Code Analysis artifacts 2017-02-03 01:56:00 +03:00
JKornev
fbae5ffa57 Fix for possible IRQL violations 2016-12-29 22:49:07 +03:00
JKornev
67355c72c4 Fix for BSOD and vmware.conf 2016-12-28 00:31:03 +03:00
JKornev
1b643e5e84 Configs installation to registry 2016-12-25 23:57:05 +03:00
JKornev
79cec65cf2 Driver loads configs from registry 2016-12-18 21:12:42 +03:00
JKornev
5d611535e7 Added 'state' command 2016-12-12 23:41:11 +03:00
JKornev
146af98691 Fixed issue with avoiding parent process checking and etc 2016-12-10 14:23:04 +03:00
JKornev
3851dcd17d Multiple changes
- Fixed issue with signing Release driver builds
- Renamed all Nt* functions to Zw* (access denied fix, KTHREAD!PreviousMode)
- Added "apply to all processes" feature for adding excluded\protected images api
- Fixed sync issues for process table, sync primitives moved to external code
etc
2016-10-19 00:35:52 +03:00
JKornev
6b0777c4de Added new process exclusion tests 2016-10-15 00:36:57 +03:00
JKornev
98014e750e Major changes
- Fixed BSOD on driver deinitialization step
- Fixed resources leak in the reg filter
- Fixed path normalization function
- Added support for inherit type in predefined process monitor configs
- Added support for opening protected processes by subsystem
- Added tests for protected processes
and other little fixes
2016-10-11 00:45:07 +03:00
JKornev
4c3047c669 Added path normalization to the ps monitor 2016-09-19 23:20:44 +03:00
JKornev
1fdfa70156 Fix for issue with file\dir name duplication 2016-09-07 02:23:41 +03:00
JKornev
5d1787ffbc Added exclude\protect list loading from HiddenCLI to driver
Fixed memory leak on the CreateProcessNotifyCallback
2016-09-05 22:30:26 +03:00
JKornev
a25458a4c8 Added usermode implementation of the PsMonitor interface
and etc
2016-09-04 22:00:55 +03:00
JKornev
80b89c2f28 Added Get\Set process exclude\protect state
Fixed issue with the hidden.inf
and etc
2016-09-04 20:19:17 +03:00
JKornev
f65a2301c6 PS monitor internal API implementation 2016-08-30 22:40:25 +03:00
JKornev
07d0e4d747 PsTable raise condition fix and etc 2016-08-28 19:53:33 +03:00
JKornev
480b0ef15f Added protected & excluded process lists 2016-08-27 23:18:54 +03:00
JKornev
228b3fb1fc initial commit 2016-07-22 02:02:31 +03:00