In Progress

Kernel driver with SSDT hooks ([url removed, login to view]) -- 2

We are looking for someone that can develop a kernel mode driver that implements SSDT hooking mainly to log, block and manipulate Zw* functions in the ntoskrnl.exe. The hooks should be able to be applied on a selected set of processes, which is initially a "target process" and can be expanded, if the "target process" injects itself into other processes. In this project you will be working very closely with a developer of the company (i.e. you are not "on your own") and get a lot of help, as a similar technology (just with hooks on [url removed, login to view]) already exists for usermode. The driver is part of a malware analysis system called "VxStream Sandbox" (see [url removed, login to view]) and will be an extension. The first version does not need to be compatible with 64 bit, but 32 bit for Windows XP - Windows 8 is necessary.

If you have no idea what NTOSKRNL is or you have no experience in driver development, then this project is not for you. Knowledge on malware and injection techniques (remote thread injection, etc.) is definitely a plus. See the attached files for sample output that would be required by the system, including a (confidential!) specification of the output format. It is important that the driver can write output to simple *.csv files. The project budget can grow (and it is an ongoing project), depending on how extensive the code is. We are an IT-security startup company, so the money is relatively limited (at the beginning), but a long term partnership might evolve.

Skills: Assembly, C Programming, C++ Programming, Windows API, x86/x64 Assembler

About the Employer:
( 11 reviews ) Roßdorf, Germany

Project ID: #6838299

Awarded to:

wintelligent

A proposal has not yet been provided

€555 EUR in 30 days
(40 Reviews)
7.1

2 freelancers are bidding an average of €555 for this job

qkullaoa

Please check our company freelancer profile https://www.freelancer.com/u/qkullaoa.html. We already developed this type of project, so we can take your project. Why you hire us? Have 5*** with 100% complete rate with we

€526 EUR in 15 days
(10 Reviews)
2.6
coolaush702713

Hello. I considered your requirements. I have good experiences like your project. I can do it with C++, assembly if you want. Please reply. I am ready for your project.

€555 EUR in 5 days
(0 Reviews)
0.0