JKornev
9e89ad1da0
Added an ability to configure hiding processes over a registry
2021-07-30 13:37:41 +03:00
JKornev
2ec973a008
Improvements for /query request
2021-07-29 16:53:39 +03:00
JKornev
9d3db08314
Implemented /unhide support for processes
2021-07-29 03:27:09 +03:00
JKornev
8a9f37e8f2
Kernel level configuration for hidden processes
2021-07-25 23:15:32 +03:00
JKornev
9767366010
Added a usermode interface for hiding processes
2021-07-25 21:37:27 +03:00
JKornev
8d6a72c644
Updated to WDK 10 and Windows 10 SDK
2021-01-21 02:48:11 +03:00
Jora Kornev
a8dc93e7b5
Fix for /ignore command
2019-11-17 23:41:34 +03:00
Jora Kornev
a780193b7c
Fix for protection PID parsing
2018-12-18 11:21:43 +03:00
JKornev
f031fc221a
Fix for invalid argument parsing logic
2018-12-18 11:19:22 +03:00
JKornev
d5db2383e7
Registry utils improvements
2017-01-07 23:28:40 +03:00
JKornev
67355c72c4
Fix for BSOD and vmware.conf
2016-12-28 00:31:03 +03:00
JKornev
8a9ba43e23
Added valid error codes
2016-12-27 00:52:30 +03:00
JKornev
32f2da5145
Fix for status output
2016-12-27 00:33:22 +03:00
JKornev
1b643e5e84
Configs installation to registry
2016-12-25 23:57:05 +03:00
JKornev
432a731aac
hiddencli supports install\uninstall stuff
2016-12-23 23:31:31 +03:00
JKornev
4f3e364d72
/install and /uninstall commands
2016-12-23 03:05:34 +03:00
JKornev
1c2c7dc3e4
Added /config command
2016-12-16 00:09:42 +03:00
JKornev
7c522d760f
Added new cli mode /multi
2016-12-15 02:30:31 +03:00
JKornev
5d611535e7
Added 'state' command
2016-12-12 23:41:11 +03:00
JKornev
146af98691
Fixed issue with avoiding parent process checking, etc.
2016-12-10 14:23:04 +03:00
JKornev
fbbb57c346
Multiple fixes
...
- Fixed issue with RuleId
- Added loading of the new commands
- Fixed issue with inherit\apply flags
- Fixed invalid type issue for Protect\Ignore commands
etc
2016-12-10 00:36:56 +03:00
JKornev
0959938a6a
Added 'query' command
2016-12-09 23:27:28 +03:00
JKornev
84947c69aa
Added 'protect', 'unprotect', 'unignore'
2016-12-08 23:07:00 +03:00
JKornev
eceaaf829f
Added 'ignore' command to hiddencli
2016-12-07 02:19:54 +03:00
JKornev
93a78b2680
Added hiddencli commands 'hide' and 'unhide'
2016-12-07 00:15:11 +03:00
JKornev
1358effe89
Design for the commands
2016-12-06 01:37:18 +03:00
JKornev
96c5e6eb40
HiddenCLI first steps
2016-12-04 22:27:46 +03:00
JKornev
86458caf5d
VMware tests
2016-10-27 23:08:59 +03:00
JKornev
3851dcd17d
Multiple changes
...
- Fixed issue with signing Release driver builds
- Renamed all Nt* functions to Zw* (access denied fix, KTHREAD!PreviousMode)
- Added "apply to all processes" feature for adding excluded\protected images api
- Fixed sync issues for process table, sync primitives moved to external code
etc
2016-10-19 00:35:52 +03:00
JKornev
3e5e5e8679
Fixes for API and x64 compilation
2016-10-15 18:11:11 +03:00
JKornev
e0d700635b
Added x64 support
2016-10-15 02:47:05 +03:00
JKornev
98014e750e
Major changes
...
- Fixed BSOD on driver deinitialization step
- Fixed resources leak in the reg filter
- Fixed path normalization function
- Added support for inherit type in predefined process monitor configs
- Added support for opening protected processes by subsystem
- Added tests for protected processes
and other little fixes
2016-10-11 00:45:07 +03:00
JKornev
d325a8d91a
Added reg key\value path normalization
2016-09-18 17:26:00 +03:00
JKornev
5d1787ffbc
Added exclude\protect list loading from HiddenCLI to driver
...
Fixed memory leak on the CreateProcessNotifyCallback
2016-09-05 22:30:26 +03:00
JKornev
228b3fb1fc
initial commit
2016-07-22 02:02:31 +03:00