Kernel Detective 1.4.1

[Alessandro10]

Kernel Detective is a free tool that help you detect, analyze, manually modify and fix some Windows NT kernel modifications. Kernel Detective gives you the access to the kernel directly so it's not oriented for newbies. Changing essential kernel-mode objects without enough knowledge will lead you to only one result ... BSoD !

Kernel Detective gives you the ability to :
1- Detect Hidden Processes.
3- Detect Hidden Threads.
2- Detect Hidden DLLs.
3- Detect Hidden Handles.
4- Detect Hidden Driver.
5- Detect Hooked SSDT.
6- Detect Hooked Shadow SSDT.
7- Detect Hooked IDT.
8- Detect Kernel-mode code modifications and hooks.
9- Disassemble (Read/Write) Kernel-mode/User-mode memory.
10- Monitor debug output on your system.

What's new in v1.4.1 :
- Fixed possible BSOD when scanning processes
- Fixed bug in callbacks scanning
- Enhanced showing files properties and signature verifying
- Skeleton SDK for VS2008 included

What's new in v1.4.0 :
- Added plugins system
- Added support for windows server 2008, seven sp1
- Enhanced stability on NT 6.0+ (windows vista/seven)
- Improved driver scan
- Improved code hook scan
- Fixed bug prevent the tool from working on windows xp
- Fixed bug related to long paths
- Fixed bug in process/driver dumper
- Fixed bug in IDT scan

Credits: AT4RE

Scan:
Kernel Detective v1.4.1.rar - Verificador de malware do Jotti


2nd scan added by Liz
Virus scan

[flameswor10]

Works in 32bit or BSOD?

[whit]

Does it work 64bit systems?

[-xGhost-]

Thank's, I was looking for this some time back but never found it...

[whit]

NO WORK 64 GUYS

[-xGhost-]

NO WORK 64 GUYS

Awww, I can't use it then the long journey continues ):

[SNal2F]

Awww, I can't use it then the long journey continues ):

All of themida i seen on 64 bit their driver doesn't work, Tho im sure oreans will eventually change that. If you really want to learn about this i suggest the book Rootkits:Subverting the windows kernel(even has a hook) and the WDK @ microsoft.

[supercarz1991]

wow i was never even able to find version 1.3 of this program >.<

[[MPGH]AVGN]

they can make a program that can do all that... but they cant make it work on 64bit

[dllbase]

Thanks Alessandro 10

[why06]

they can make a program that can do all that... but they cant make it work on 64bit

64bit has new driver restrictions. The cause on the problems could lie there. Blame Windows for not being backwards compatible.

[GamingMasteR]

Hi,

I've posted it in hacking tools section before but it seems no one seen it (check the plugins part too)
Kernel Detective doesn't work on x86-64 operating systems, it's oriented for x86 systems.
The code is very x86 specific and it's waste of time to port it to x86-64, I'd better write it from scratch if I want it to work on x86-64 but I've no time currently for that ...

Regards.
GM

[flameswor10]

Hi,

I've posted it in hacking tools section before but it seems no one seen it (check the plugins part too)
Kernel Detective doesn't work on x86-64 operating systems, it's oriented for x86 systems.
The code is very x86 specific and it's waste of time to port it to x86-64, I'd better write it from scratch if I want it to work on x86-64 but I've no time currently for that ...

Regards.
GM

And you are?

[GamingMasteR]

I'm the author of this little tool.

[M.Codec~]

Its not working.. This Works in 64 Bits ?