Title:
ObRegisterCallbacks-hook-
Download
Description: This driver is designed to collect metadata about securable objects such as
// Process, File, Event, and Section objects. The metadata is used to construct
// a chronological object log which conveys information about object definitions
// and uses. When an object is defined or used, metadata is logged about the
// environment in which the object is created including the security context,
// call stack, object name information, and the security descriptor assigned to
// the object.
To Search:
File list (Check if you may need any files):
TBA\analysis
...\........\dumpsids
...\........\........\bin
...\........\........\...\Release
...\........\........\...\.......\dumpsids.exe
...\........\........\dumpsids.csproj
...\........\........\dumpsids.sln
...\........\........\Program.cs
...\........\........\Properties
...\........\........\..........\AssemblyInfo.cs
...\........\pacl
...\........\....\pacl.c
...\........\....\pacl.exe
...\........\....\pacl.obj
...\........\prototype
...\........\.........\analyzer.rb
...\........\.........\common
...\........\.........\......\graph.rb
...\........\.........\......\sddl.rb
...\........\.........\objtrace
...\........\.........\........\metadata.rb
...\........\.........\........\objects.rb
...\........\.........\tba
...\........\.........\...\analyzer.rb
...\........\.........\...\flow.rb
...\........\.........\...\rights.rb
...\........\.........\...\simulator.rb
...\........\.........\...\smg.rb
...\........\.........\...\tbg.rb
...\........\tba
...\........\...\bin
...\........\...\...\Release
...\........\...\...\.......\Database
...\........\...\...\.......\........\TBA.mdf
...\........\...\...\.......\........\TBA_log.ldf
...\........\...\...\.......\TBA.exe
...\........\...\...\.......\TBA.exe.config
...\........\...\...\.......\TBA.pdb
...\........\...\...\.......\UR.dll
...\........\...\...\.......\UR.Graphing.dll
...\........\...\Database
...\........\...\........\cleanup.sql
...\........\...\........\import.sql
...\........\...\........\TBA.cs
...\........\...\........\TBA.dbml
...\........\...\........\TBA.dbml.layout
...\........\...\........\TBA.designer.cs
...\........\...\........\TBA.mdf
...\........\...\........\TBA_log.ldf
...\........\...\DataFlowGraph.cs
...\........\...\Parser.cs
...\........\...\Program.cs
...\........\...\Properties
...\........\...\..........\app.config
...\........\...\..........\AssemblyInfo.cs
...\........\...\..........\Settings.Designer.cs
...\........\...\..........\Settings.settings
...\........\...\Simulator.cs
...\........\...\TBA.csproj
...\........\...\TBA.csproj.user
...\........\...\TBA.sln
...\........\...\TBA.suo
...\........\...\VerbGraph.cs
...\data
...\documentation
...\.............\2008_woot.ppt
...\.............\2008_woot.pptx
...\.............\samples
...\.............\.......\tbsdfg-alpc_port.graphml
...\.............\trust-boundaries-sec-objects.pdf
...\driver
...\......\dynba.c
...\......\log.c
...\......\log.h
...\......\makefile
...\......\metadata.c
...\......\metadata.h
...\......\ntehx64.h
...\......\ntproto.h
...\......\precomp.h
...\......\sources
