A virtualization-based endpoint security solution for Windows

Sparta

Sparta is a virtualization-based endpoint security solution for Windows. It's an educational research project of mine, which tries to demonstrate the power of virtualization-based solutions.

Sparta traces all suspicious kernel-mode code execution, kernel structure manipulation, kernel code modification and corruption of sensitive process memory, in order to detect abnormal behavior that can indicate a malware infection. See the "How It Works?" section for a deeper explanation.

Usage

TBD

Screenshots

Basic Execution (Bootstrapping & CPUID "Spoofing")

[Screenshot: basic execution]

Invisible Syscall Hooking (TLB Splitting)

[Screenshot: shadow hooks]

How It Works?

TBD

License

MIT

Authors