Jump to content
Nytro

Anti-Rootkit Tool - Tuluka Kernel Inspector

By Nytro, in Programe securitate

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

Anti-Rootkit Tool - Tuluka Kernel Inspector

Tuluka is a new powerful AntiRootkit, which has the following features:

*Detects hidden processes, drivers and devices

*Detects IRP hooks

*Identifies the substitution of certain fields in DRIVER_OBJECT structure

*Checks driver signatures

*Detects and restores SSDT hooks

*Detects suspicious descriptors in GDT

*IDT hook detection

*SYSENTER hook detection

*Displays list of system threads and allows you to suspend them

*IAT and Inline hook detection

*Shows the actual values of the debug registers, even if reading these registers is controlled by someone

*Allows you to find the system module by the address within this module

*Allows you to display contents of kernel memory and save it to disk

*Allows you to dump kernel drivers and main modules of all processes

*Allows you to terminate any process

*Is able to dissasemble interrupt and IRP handlers, system services, start routines of system threads and many more

*Allows to build the stack for selected device

Much more..

Download:

Tuluka kernel inspector - Download

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...