Simple Antirootkit SST Unhooker

This is a demo project that illustrates how to verify and restore the original SST when malware has hooked it.

Project README

Simple antirootkit

About

There are a number of ways for malware to intrude into a system. This project is a simple software solution that helps remediate one aspect of possible rootkit intrusions: System Service Table (SST) violations performed to hide files, services, or processes. This antirootkit restores the original SST.

Implementation

Rootkit detection is based on comparing the current version of the SST with the one stored in ntoskrnl.exe. The implementation uses techniques for working with memory-mapped files in kernel mode.

The related article gives further explanation of how to develop an anti-rootkit, with details and a step-by-step programming tutorial.
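The comparison described above, as an added user-mode model in C that is not the project's own driver code. It assumes a 32-bit style table whose on-disk entries are absolute addresses relative to the image's preferred base; the struct, function names and sample values are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* User-mode model; struct, function names and all values are constructed. */
typedef struct {
    uint32_t preferred_base; /* ImageBase recorded in the on-disk PE header */
    uint32_t loaded_base;    /* address the kernel image is loaded at */
    uint32_t image_size;     /* SizeOfImage */
} kimage_t;

/* Rebase an on-disk table entry to the value expected in memory. */
static uint32_t expected_entry(const kimage_t *k, uint32_t disk_entry) {
    return disk_entry - k->preferred_base + k->loaded_base;
}

/* Returns the number of hooked entries (indices stored in out[], up to cap),
 * or -1 if a disk entry points outside the image (wrong file or bad parse). */
int sst_find_hooks(const kimage_t *k, const uint32_t *disk, const uint32_t *live,
                   size_t n, size_t *out, size_t cap) {
    int found = 0;
    for (size_t i = 0; i < n; i++) {
        if (disk[i] - k->preferred_base >= k->image_size) return -1;
        if (live[i] != expected_entry(k, disk[i])) {
            if ((size_t)found < cap) out[found] = i;
            found++;
        }
    }
    return found;
}

/* Overwrite only the mismatching entries; returns how many were restored. */
int sst_restore(const kimage_t *k, const uint32_t *disk, uint32_t *live, size_t n) {
    int fixed = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t want = expected_entry(k, disk[i]);
        if (live[i] != want) { live[i] = want; fixed++; }
    }
    return fixed;
}

/* Constructed sample: four services, entry 2 redirected outside the image. */
const kimage_t sample_img = { 0x00400000u, 0x804D0000u, 0x00200000u };
const uint32_t sample_disk[4] = { 0x00481000u, 0x00482000u, 0x00483000u, 0x00484000u };
uint32_t sample_live[4] = { 0x80551000u, 0x80552000u, 0xF8A01000u, 0x80554000u };
size_t sample_hooked[4];

int main(void) {
    int n = sst_find_hooks(&sample_img, sample_disk, sample_live, 4, sample_hooked, 4);
    printf("hooked: %d (first index %zu)\n", n, sample_hooked[0]);
    printf("restored: %d\n", sst_restore(&sample_img, sample_disk, sample_live, 4));
    return 0;
}
```

The sanity check on the disk copy matters because a restore driven by a misparsed or mismatched kernel image would write wrong pointers into every entry.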

License

Licensed under the MIT license. © Apriorit.

Open Source Agenda is not affiliated with "Simple Antirootkit SST Unhooker" Project. README Source: apriorit/Simple-Antirootkit-SST-Unhooker
Stars: 32
Open Issues: 0
Last Commit: 7 years ago
License: MIT