From Collaborative RCE Tool Library
Kernel Hook Detection Tools
| Tool name: | GMER |
| ||
|---|---|---|---|---|
| Author: | Przemyslaw Gmerek | |||
| Website: | http://www.gmer.net | |||
| Current version: | 1.0.14.14205 | |||
| Last updated: | March 5, 2008 | |||
| Direct D/L link: | http://www.gmer.net/gmer.zip | |||
| License type: | Free | |||
| Description: | GMER is an application that detects and removes rootkits . It scans for: * Hidden processes * Hidden threads * Hidden modules * Hidden services * Hidden files * Hidden Alternate Data Streams * Hidden registry keys * Drivers hooking SSDT * Drivers hooking IDT * Drivers hooking IRP calls * Inline hooks GMER also allows to monitor the following system functions: * Processes creating * Drivers loading * Libraries loading * File functions * Registry entries * TCP/IP connections GMER runs on Windows NT/W2K/XP/VISTA | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | RAIDE |
| ||
|---|---|---|---|---|
| Author: | petersilberman | |||
| Website: | http://www.rootkit.com/project.php?id=33 | |||
| Current version: | Beta 1 | |||
| Last updated: | August 6, 2006 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free | |||
| Description: | RAIDE stands for Rootkit Analysis Identification Elimination. RAIDE is a rootkit detection/removal tool. RAIDE offers unique features like process dumping/firewall identification etc. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | Rootkit Unhooker |
| ||
|---|---|---|---|---|
| Author: | EP_X0FF | |||
| Website: | http://rku.nm.ru | |||
| Current version: | 3.7.300.509 | |||
| Last updated: | November 2007 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free | |||
| Description: | Rootkit Unhooker LE (RkU) is an advanced rootkit detection/removal utility, designed specially for advanced users and IT professionals. It runs under 32bit Windows 2000, Windows XP, Windows 2003 Server and Windows Vista. The project was discontinued when it was bought up by Microsoft in November 2007. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
| Tool name: | SSDT Revealer |
| ||
|---|---|---|---|---|
| Author: | ZaiRoN | |||
| Website: | http://zairon.wordpress.com/2007/03/20/tool-system-service-descriptor-table-revealer/ | |||
| Current version: | 1.0 | |||
| Last updated: | March 20, 2007 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free | |||
| Description: | This is little tool I’ve coded some times ago. The name says it all, it reveals System Service Dispatch Table showing possible hooks over one or more functions. It was born as a part of a more complex tool, which is still unfinished.. SSDT revealer is nothing special but could come in handy. The program has been developed under Win-XP. It should run on other OSs but I really don’t know. Again, it’s a personal program and I didn’t spend nights and nights trying to find one or more bug, when a bug occours I fix it. If you find a bug or something else, please, don’t hesitate to contact me. | |||
| Also listed in: | (Not listed in any other category) | |||
| More details: | Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry) | |||
Feed containing all updates and additions for this category.
Feed containing all updates and additions for this category, including sub-categories.
