
MartinDrab / Irpmon

Licence: mit
The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only modifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload and StartIo requests.

Programming Languages

pascal

IRPMon

The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracker but has several enhancements. It supports 64-bit versions of Windows (no inline hooks are used, only modifications to driver object structures are performed) and monitors IRP, FastIo, AddDevice, DriverUnload and StartIo requests.
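The README notes that IRPMon modifies driver object structures rather than placing inline hooks. As an added example (not IRPMon's code), the user-mode C model below shows the defender-side check that follows from this: flag every driver entry point that lies outside the driver's own image. The names `driver_model`, `count_foreign` and `sample_driver` and all addresses are constructed for illustration; the fields stand in for `DriverStart`, `DriverSize`, `MajorFunction`, `DriverUnload`, `DriverStartIo` and `DriverExtension->AddDevice` of the WDK `DRIVER_OBJECT`, and `dflt` stands in for the kernel's default dispatch routine for unsupported major functions.

```c
#include <stdint.h>
#include <stdio.h>

#define MJ_COUNT 28 /* IRP_MJ_MAXIMUM_FUNCTION (0x1b) + 1 */

/* Simplified user-mode model of the DRIVER_OBJECT fields (not the WDK struct). */
typedef struct {
    uintptr_t image_start;              /* DriverStart */
    uintptr_t image_size;               /* DriverSize */
    uintptr_t major_function[MJ_COUNT]; /* IRP dispatch table */
    uintptr_t driver_unload;            /* DriverUnload */
    uintptr_t driver_start_io;          /* DriverStartIo */
    uintptr_t add_device;               /* DriverExtension->AddDevice */
} driver_model;

/* Foreign: set, not the kernel default handler, and outside the driver image. */
static int is_foreign(const driver_model *d, uintptr_t p, uintptr_t dflt) {
    int inside = p >= d->image_start && p - d->image_start < d->image_size;
    return p != 0 && p != dflt && !inside;
}

/* Returns the number of foreign entry points; bit i of *mj_mask is set
   for every foreign MajorFunction[i]. */
int count_foreign(const driver_model *d, uintptr_t dflt, uint32_t *mj_mask) {
    int n = 0;
    *mj_mask = 0;
    for (int i = 0; i < MJ_COUNT; i++)
        if (is_foreign(d, d->major_function[i], dflt)) { *mj_mask |= (uint32_t)1 << i; n++; }
    return n + is_foreign(d, d->driver_unload, dflt)
             + is_foreign(d, d->driver_start_io, dflt)
             + is_foreign(d, d->add_device, dflt);
}

/* Constructed sample: image at 0x10000..0x17fff, default handler at 0x90000. */
driver_model sample_driver(int redirected) {
    driver_model d = { .image_start = 0x10000, .image_size = 0x8000 };
    for (int i = 0; i < MJ_COUNT; i++) d.major_function[i] = 0x90000;
    d.major_function[0] = 0x11000; /* IRP_MJ_CREATE, inside the image */
    d.major_function[3] = 0x11200; /* IRP_MJ_READ, inside the image */
    d.driver_unload = 0x11400;
    if (redirected) { d.major_function[3] = 0x52000; d.driver_unload = 0x52100; }
    return d;
}

int main(void) {
    uint32_t mask;
    driver_model d = sample_driver(1);
    int n = count_foreign(&d, 0x90000, &mask);
    printf("foreign=%d mj_mask=0x%x\n", n, (unsigned)mask);
    return 0;
}
```

Layered drivers (for example a miniport whose dispatch routines live in its port driver) legitimately have pointers outside their own image, so a real check needs an allowlist of known modules rather than a single default address.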

Compilation

Drivers, Servers and DLLs

You need Visual Studio 2017 or 2019 to compile the drivers and DLLs. Everything is set up for 2019; however, adapting the settings to 2017 should be a piece of cake. In order to build the XP configuration (Windows XP support), you need to install Windows XP support into your Visual Studio. Also, install the latest version of the Windows SDK and Windows Driver Kit (latest at the time of this writing at least). To use scripts\build.bat, install MSBuild as well.

GUI Application

Delphi 10.3 Rio does the trick here, although you should also be able to compile the project with Delphi XE2 and later. If you are looking for Windows XP support, Lazarus seems to be your only option. Version 2.0.8 seems to produce pretty good results.

Installer

The installer script (scripts\installer.iss) works with Inno Setup 6. That means the resulting installer does not support Windows XP. Currently, there is no installer support for XP; just copy the IRPMon files to a machine running that old operating system and all should work quite nicely.

Build Steps

  • navigate to the scripts directory,
  • build binaries with build <Configuration> where Configuration may be Debug, Release or XP,
  • sign the binaries with sign <Configuration>, the Configuration parameter must match the previous step,
  • build the installer with Inno Setup 6,
  • sign the installer with the sign-installer script (no extra parameters are required).

You need to alter the signing scripts to use your signing certificate. Similarly, the SDK version may need to be modified to match the version installed on your machine.

Samples

I hope to add some sample programs demonstrating how to use IRPMon DLLs to your advantage. So, you will not be dependent on the GUI application.

Kbdsample

This sample hooks the primary keyboard device (\Device\KeyboardClass0) and displays basic information about detected requests. It also shows how to enumerate hooked drivers and unhook them if necessary (e.g. if you wish to hook a driver that is already hooked, you may need to unhook it first). See the kbdsample directory for more information.

People

Authors

Contributors

Donations

If you wish to support development of this tool, you may donate some stuff to the following addresses:

  • BTC: 17tEADhePvhHPj2X5GWn8vfiYhZCRH1f7V
  • XMR: 843axNixjKbLhibVSfx1NBVqhrjwfjw95EpbTZDL7uZuGyhQd4gj6TkFTkgRA1dhisPXURPTMMaY2QrT2fXDRAiF31E2sXP
  • paypal

Contact Me

Any feedback is more than welcome!
