JKornev
fbbb57c346
Multiple fixes
...
- Fixed issue with RuleId
- Added loading of the new commands
- Fixed issue with inherit\apply flags
- Fixed invalid type issue for Protect\Ignore commands
etc
2016-12-10 00:36:56 +03:00
JKornev
0959938a6a
Added 'query' command
2016-12-09 23:27:28 +03:00
JKornev
84947c69aa
Added 'protect', 'unprotect', 'unignore'
2016-12-08 23:07:00 +03:00
JKornev
eceaaf829f
Added 'ignore' command to hiddencli
2016-12-07 02:19:54 +03:00
JKornev
93a78b2680
Added hiddencli commands 'hide' and 'unhide'
2016-12-07 00:15:11 +03:00
JKornev
1358effe89
Design for the commands
2016-12-06 01:37:18 +03:00
JKornev
96c5e6eb40
HiddenCLI first steps
2016-12-04 22:27:46 +03:00
Jora Kornev
241e8bb296
Update todo.txt
2016-11-10 11:20:37 +03:00
JKornev
86458caf5d
VMware tests
2016-10-27 23:08:59 +03:00
JKornev
3851dcd17d
Multiple changes
...
- Fixed issue with signing Release driver builds
- Renamed all Nt* functions to Zw* (access denied fix, KTHREAD!PreviousMode)
- Added "apply to all processes" feature for adding excluded\protected images api
- Fixed sync issues for process table, sync primitives moved to external code
etc
2016-10-19 00:35:52 +03:00
JKornev
3e5e5e8679
Fixes for API and x64 compilation
2016-10-15 18:11:11 +03:00
JKornev
0332732253
Removed unused code
2016-10-15 13:28:21 +03:00
JKornev
3c19ea50d6
Removed unused project settings
2016-10-15 03:16:38 +03:00
JKornev
e0d700635b
Added x64 support
2016-10-15 02:47:05 +03:00
JKornev
aed101fa17
Added Wow64 redirection support
2016-10-15 02:39:31 +03:00
JKornev
6b0777c4de
Added new process exclusion tests
2016-10-15 00:36:57 +03:00
JKornev
127c0b9c86
Added tests for ps protection\exclusion
2016-10-14 00:29:53 +03:00
JKornev
98014e750e
Major changes
...
- Fixed BSOD on driver deinitialization step
- Fixed resources leak in the reg filter
- Fixed path normalization function
- Added support for inherit type in predefined process monitor configs
- Added support for opening protected processes by subsystem
- Added tests for protected processes
and other little fixes
2016-10-11 00:45:07 +03:00
JKornev
8a7929b310
Added Get\Set ps state ability
...
Fixed issue with DeviceIOControl output
Fixed issues in the PsRule & PsTable
2016-09-22 23:17:14 +03:00
JKornev
b9e7f2c015
Added ps path normalization to the hiddenlib
2016-09-19 23:21:51 +03:00
JKornev
4c3047c669
Added path normalization to the ps monitor
2016-09-19 23:20:44 +03:00
JKornev
22fdb1d00b
Added tests for Reg filter
2016-09-18 17:26:33 +03:00
JKornev
d325a8d91a
Added reg key\value path normalization
2016-09-18 17:26:00 +03:00
JKornev
59b989dcc5
Added new types of operations to Reg filter (set,query,delete value)
2016-09-18 17:23:37 +03:00
JKornev
935ffa787f
Added the HiddenTests project that contains different tests for this solution
2016-09-11 14:42:39 +03:00
JKornev
184312875d
Added path conversion to NT path to the FS filter interface
2016-09-11 14:40:33 +03:00
JKornev
1fdfa70156
Fix for issue with file\dir name duplication
2016-09-07 02:23:41 +03:00
JKornev
5d1787ffbc
Added exclude\protect list loading from HiddenCLI to driver
...
Fixed memory leak on the CreateProcessNotifyCallback
2016-09-05 22:30:26 +03:00
JKornev
a25458a4c8
Added usermode implementation of the PsMonitor interface
...
and etc
2016-09-04 22:00:55 +03:00
JKornev
80b89c2f28
Added Get\Set process exclude\protect state
...
Fixed issue with the hidden.inf
and etc
2016-09-04 20:19:17 +03:00
JKornev
9ba217714e
Added IOCTLs for the part of Ps API
2016-09-01 01:28:24 +03:00
JKornev
b93f05e6cd
test
2016-08-30 22:41:40 +03:00
JKornev
f65a2301c6
PS monitor internal API implementation
2016-08-30 22:40:25 +03:00
Jora Kornev
220d7cf07e
Update ExcludeList.c
2016-08-30 19:24:15 +03:00
JKornev
1e53188c4e
HiddenLib include path fix
2016-08-29 22:45:58 +03:00
JKornev
5e1450971c
Merge branch 'master' of https://github.com/JKornev/hidden
2016-08-28 19:54:08 +03:00
JKornev
07d0e4d747
PsTable race condition fix and etc
2016-08-28 19:53:33 +03:00
Jora Kornev
86bf4627e7
Update README.md
2016-08-28 00:04:49 +03:00
Jora Kornev
cfe416a472
Update README.md
2016-08-28 00:04:21 +03:00
JKornev
e3f90905a4
TODO update
2016-08-27 23:38:56 +03:00
JKornev
480b0ef15f
Added protected & excluded process lists
2016-08-27 23:18:54 +03:00
JKornev
384bc8dd40
update for symlink path-resolver
2016-07-23 17:02:16 +03:00
JKornev
228b3fb1fc
initial commit
2016-07-22 02:02:31 +03:00
Jora Kornev
1c857ec226
Initial commit
2016-06-16 22:40:32 +03:00