From Collaborative RCE Tool Library
Kernel Tools

| Tool name: | Native NT Toolkit |
|---|---|
| Author: | Alex Ionescu |
| Website: | http://code.google.com/p/native-nt-toolkit/ |
| Current version: | |
| Last updated: | January 26, 2008 |
| Direct D/L link: | http://native-nt-toolkit.googlecode.com/svn/trunk/ndk/ |
| License type: | Free / Open Source |
| Description: | Includes the entire Native Development Kit (NDK), a set of headers for building native applications for Windows NT4 all the way to Windows Server 2008. Includes the Native Development Library (NDL), a wrapper library designed to simplify development of native applications, especially console input and output. Also includes some sample source code, such as the Native Command Line (NCLI), a command prompt clone written with the NDK and NDL to showcase some functionality of the toolkit, as well as to provide a way to boot Windows without any GUI or subsystems loaded and still be able to interact with the system. For more info, see also: http://www.woodmann.com/forum/showthread.php?t=11256 |
| Also listed in: | (Not listed in any other category) |

| Tool name: | GMER |
|---|---|
| Author: | Przemyslaw Gmerek |
| Website: | http://www.gmer.net |
| Current version: | 1.0.14.14205 |
| Last updated: | March 5, 2008 |
| Direct D/L link: | http://www.gmer.net/gmer.zip |
| License type: | Free |
| Description: | GMER is an application that detects and removes rootkits. It scans for: hidden processes, hidden threads, hidden modules, hidden services, hidden files, hidden Alternate Data Streams, hidden registry keys, drivers hooking the SSDT, drivers hooking the IDT, drivers hooking IRP calls, and inline hooks. GMER also allows monitoring of the following system functions: process creation, driver loading, library loading, file functions, registry entries, and TCP/IP connections. GMER runs on Windows NT/W2K/XP/VISTA. |
| Also listed in: | Kernel Hook Detection Tools |

| Tool name: | RAIDE |
|---|---|
| Author: | petersilberman |
| Website: | http://www.rootkit.com/project.php?id=33 |
| Current version: | Beta 1 |
| Last updated: | August 6, 2006 |
| Direct D/L link: | Locally archived copy |
| License type: | Free |
| Description: | RAIDE stands for Rootkit Analysis Identification Elimination. RAIDE is a rootkit detection/removal tool. RAIDE offers unique features like process dumping/firewall identification etc. |
| Also listed in: | Kernel Hook Detection Tools |

| Tool name: | Rootkit Unhooker |
|---|---|
| Author: | EP_X0FF |
| Website: | http://rku.nm.ru |
| Current version: | 3.7.300.509 |
| Last updated: | November 2007 |
| Direct D/L link: | Locally archived copy |
| License type: | Free |
| Description: | Rootkit Unhooker LE (RkU) is an advanced rootkit detection/removal utility, designed specially for advanced users and IT professionals. It runs under 32-bit Windows 2000, Windows XP, Windows 2003 Server and Windows Vista. The project was discontinued when it was bought up by Microsoft in November 2007. |
| Also listed in: | Kernel Hook Detection Tools |

| Tool name: | SSDT Revealer |
|---|---|
| Author: | ZaiRoN |
| Website: | http://zairon.wordpress.com/2007/03/20/tool-system-service-descriptor-table-revealer/ |
| Current version: | 1.0 |
| Last updated: | March 20, 2007 |
| Direct D/L link: | Locally archived copy |
| License type: | Free |
| Description: | This is a little tool I’ve coded some time ago. The name says it all, it reveals System Service Dispatch Table showing possible hooks over one or more functions. It was born as a part of a more complex tool, which is still unfinished. SSDT Revealer is nothing special but could come in handy. The program has been developed under Win-XP. It should run on other OSs but I really don’t know. Again, it’s a personal program and I didn’t spend nights and nights trying to find one or more bugs; when a bug occurs I fix it. If you find a bug or something else, please, don’t hesitate to contact me. |
| Also listed in: | Kernel Hook Detection Tools |