Skip to content
/ KernelProcessList Public

Example Windows Kernel-mode Driver which enumerates running processes.

License

MIT license
55 stars 26 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

danielkrupinski/KernelProcessList

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
KernelProcessList
KernelProcessList
 
 
.gitignore
.gitignore
 
 
KernelProcessList.sln
KernelProcessList.sln
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

KernelProcessList

Example Windows Kernel-mode Driver which enumerates running processes.

Output

Driver writes process list to the KernelProcessList.txt file located in Windows directory (%SystemRoot%).

Format: process_name : process_id

Example:

System : 4
Registry : 104
smss.exe : 348
csrss.exe : 548
wininit.exe : 636
csrss.exe : 644
winlogon.exe : 736
services.exe : 772
lsass.exe : 800
svchost.exe : 940
svchost.exe : 964
fontdrvhost.exe : 992
fontdrvhost.exe : 988
svchost.exe : 496
svchost.exe : 884
dwm.exe : 1044

About

Example Windows Kernel-mode Driver which enumerates running processes.

Topics

windows native driver process windows-kernel kernel-mode-driver kernel-mode wdk process-list driver-programming zwquerysysteminformation

Resources

Readme

License

MIT license
Activity

Stars

55 stars

Watchers

5 watching

Forks

26 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages