1 link tagged with all of: security + kernel + driver + rootkit + anti-rootkit
Links
This is a Windows driver that detects kernel memory drivers and hidden threads, useful for rootkit developers to improve their evasion techniques. It implements several analysis methods, such as NMI callbacks and APC stack walks, to identify suspicious activity. You need to enable test signing and debugging to run it.