Hi :)
Thunder is the name of a hidden process detector.
The background idea for increasing the power of this detector is great, but for now this is the first part & in fact it's a proof of concept based on ring3.
For now, it has just a few methods for detecting hidden processes, so I do not expect it to detect commercial or advanced rootkits like rkdemo, actually built by EP_X0FF, or phide_ex by PE386.
Well, this detector is aimed more at rootkits that hide their process either with DKOM or by setting a hook on the Service Dispatch Table (SSDT).
I've also tried it against Futo & detected it successfully.
This project is under development & in progress.
I hope I can increase the power of detection as much as I can.
Regardless of the incompleteness of this project (& of course it will be in progress & will be updated soon to detect more rootkits), I want to give a big thanks to the following people:
Alex, for nice ideas, testing, and helpful guidance for a long time; Alex always helps other people without any fear.
EP_X0FF, for intelligent points that others may not be aware of & helpful advice as always.
Eric_71, my new friend at this forum, for solving some problems related to some wrong implementations & some bug fixes.
Hope you like it :)
Any comments are welcome.