A driver to intercept low level windows events
This is a driver created to learn more about kernel programming, kernel callbacks and filesystem minifilters. Allows the user to hook many events and set some security policies.
The driver will intercept -
This driver will block unwanted operations based on a very simple policy:
The driver will kill the unwanted process before the operation has been done. Also, information will be shared with the user mode side.