| CacheSet
v1.0 |
CacheSet
is a program that allows you to control the Cache
Manager's working set size using functions provided
by NT. Its compatible with all versions of NT and
full source code is provided.
|
|
 |
|
| Ctrl2cap
v2.0 |
This is a
kernel-mode driver that demonstrates keyboard input
filtering just above the keyboard class driver in
order to turn caps-locks into control keys. Filtering
at this level allows conversion and hiding of keys
before NT even "sees" them. Full source is included.
Ctrl2cap also shows how to use NtDisplayString()
to print messages to the initialization blue-screen.
|
|
|
|
| Device
Object Security |
Are your
device objects as secure as they should be? Learn
what permissions are applied to the objects you
create with IoCreateDevice and get introduced to
kernel-mode security APIs that can be used to close
potential device object security holes.
|
|
|
| Filemon
v4.33 |
This monitoring
tool lets you see all file system activity in real-time.
It works on all versions of WinNT/2K as well as
Windows 9x/Me and full source is included.
|
|
|
|
| Formatx
and Chkdskx v1.0 |
Complete
source code for chkdsk and format clone programs.
These examples demonstrate the use of file system
utility functions that you can incorporate into
your own applications.
|
|
|
|
| Fundelete
v2.0 |
This utility
expands the NT 4.0 Recycle Bin to catch file deleted
from command prompts and within programs, and it
comes with full source code. Several powerful device
driver techniques, including getting a user's SID
within a driver, enumerating a directory's contents,
and generating IRPs, are demonstrated in source
code available for download.
|
|
|
|
| Inside
Disk Defragmenting |
Find out
about the APIs Windows NT Defragmentation products
use, and download a free defragmenting demonstration
program, complete with full source.
|
|
|
|
| Inside
the Disk Key |
The HKLM\System\Disk\Information
value is the heart of NT's disk administration.
It contains information on drive mappings and fault
tolerant configurations. In this article I go inside
the Disk\Information value to describe its format,
and provide source code to a program, Diskkey, that
reads and decodes it.
|
|
|
|
| Miscellaneous |
Source code
to a few miscellaneous applets, like a LoggedOn,
a logon session enumerator.
|
|
|
|
| NewSID
v3.02 |
Learn about
the computer SID problem everybody has been talking
about and get a free computer SID changer, SID,
complete with full source code.
|
|
|
|
| NTFSInfo
v1.0 |
Use NTFSInfo
to see detailed information about NTFS volumes,
including the size and location of the Master File
Table (MFT) and MFT-zone, as well as the sizes of
the NTFS meta-data files.
|
|
|
|
| Regmon
v4.32 |
This monitoring
tool lets you see all Registry activity in real-time.
It works on all versions of WinNT/2K as well as
Windows 9x/Me and full source is included.
|
|
|
|
| SDelete
v1.1 |
Securely
overwrite your sensitive files and cleanse your
free space of previously deleted files using this
DoD-compliant secure delete program. Complete source
code is included.
|
|
|
|
| TCPView
v1.0 |
See all open
TCP and UDP endpoints. Full source to the command-line
version of this tool, netstatp, is included.
|
|
|
|
| Tips
and Trivia |
Source code
for a few interesting applets.
|
|
|
|
| Tokenmon
v1.01 |
Watch security-related
activity, including logon, logoff, privilege usage,
and impersonation with this monitoring tool.
|
|
|
