minifilter-driver
There are 16 repositories under minifilter-driver topic.
aleksk/LazyCopy
NTFS minifilter driver that can download file content from a remote location, when it is opened for the first time.
RafWu/RansomWatch
Ransomware detection application for Windows using Windows Minifilter driver
sgabe/SymlinkProtect
File system minifilter driver for Windows to block symbolic link attacks.
SubconsciousCompute/poc-windows-rust-filter
A PoC Windows Minifilter Driver in pure Rust (Don't use it in production)
SweetIceLolly/Prevent_File_Deletion
Record & prevent file deletion in kernel mode
ETEFS/ETEFS_Mini
Easy Transparent Encrypted File System Based on Minifilter File System Driver
CynicalApe/Minifilter-CSHARP-ConsoleApp
Permission Filesystem Minifilter
viorelyo/Procmonel
Procmonel is Procmon like monitoring system implemented using Microsoft WDK
zeromem88/Readonlyness
Simple Windows minifilter kernel mode driver
MahmoudZohdy/FileRedirector
FileRedirector
radkum/windows-kernel-rs
Windows kernel development in Rust is not widely used yet. Therefore, here is a simple example of a driver and minifilter written in Rust. Also, I've written some helpful crates. Enjoy!
XXXRef/IOSpy
Filesystem minifilter driver spying on IO operations
calladoum-elastic/canary-driver
Source code for the blog post "Ransomware in the honeypot: how we capture keys with sticky canary files"
SihyunYou/Jymon
Le petit Minifilter Driver surveillant file I/O de processus
kanitsharma/sniper
Kernel mode minifilter driver and User mode C# API for filesystem events monitoring