What is ProcFilter

An informational repo about hunting for adversaries in your IT environment.

ProcFilter: A Process Filtering System for Windows

ProcFilter is a process filtering system for Windows with built-in YARA integration. YARA rules can be annotated with custom meta tags that tailor ProcFilter's response when a rule matches.


It operates as a Windows service and is integrated with Microsoft's ETW API, which allows the results to be displayed in the Windows Event Log.

Installation, Activation, and Removal Process

Installation, activation, and removal can be performed dynamically without the need for a reboot. ProcFilter is designed for malware analysts, enabling them to create YARA signatures that safeguard their Windows environments against specific threats.

It does not include a large signature set

ProcFilter focuses on being lightweight, precise, and targeted rather than broad or all-encompassing. It is designed for use in controlled analysis environments where custom plugins can execute artifact-specific actions. It is built for easy adoption, and its integration with Git and the Event Log reduces the need for additional tools or infrastructure to implement rules or collect results. ProcFilter is compatible with Windows 7 and later versions, as well as Windows Server 2008 and newer systems. Installers are available for x86 and x64 in both Release and Debug builds. Note: Unpatched Windows 7 systems require hotfix 3033929 to load the driver component.
 


Similar Tools

Vectra AI
Free


Vectra threat detection & response - see and stop threats across hybrid and multi-cloud enterprises. Vectra uses AI to detect threats early and accurately across hybrid and multi-cloud attack surfaces. The Vectra threat detection & response platform captures packets and logs across your public cloud, SaaS, federated identity and data center networks. It applies patented security-led AI to surface and prioritize threats, and integrates into your security stack for rapid response. The Vectra Platform extracts hundreds of metadata elements from captured data and applies security-led AI to detect attacker methods in every domain. Detections are attributed to the relevant accounts or hosts to prioritize the entities and provide a unified view of threats across your hybrid and multi-cloud environment.

QFunction
Free


QFunction revolutionizes cybersecurity by leveraging cutting-edge AI and machine learning to identify anomalies and threats within your existing data. Designed for medium-sized businesses and CISOs, QFunction augments your current security stack, empowering you to proactively hunt for threats by distinguishing unusual patterns rather than relying on pre-defined signatures. This approach reduces noise, enhances threat detection, and enables you to identify and neutralize attacks before they escalate, without the need for additional, disparate security tools.

AI/ML-driven anomaly detection
Augments existing security stack
Proactive threat hunting
PolySwarm
Free


PolySwarm is a cutting-edge, crowdsourced threat intelligence marketplace designed to empower organizations with faster, more accurate detection, analysis, and response to emerging cyber threats. By aggregating a diverse network of specialized and general threat detection engines, PolySwarm uncovers previously undetected and rare malware, filling critical gaps in traditional security defenses and providing superior protection against the evolving threat landscape.

Crowdsourced Threat Intelligence Marketplace
Next-Generation Malware Detection
Specialized and Broad Engine Coverage
Pixm
Free


Pixm revolutionizes phishing defense by employing state-of-the-art computer vision to analyze web pages from a human perspective, effectively identifying deceptive elements that traditional security tools often overlook. This AI-powered solution, designed for everyday users and backed by ManageEngine's commitment to flexible business solutions, provides unparalleled protection against the most prevalent cyber threats.

Computer Vision Analysis
Human-like Visual Scanning
Deceptive Element Detection
Packet Storm
Free


Packet Storm is a comprehensive threat intelligence feed dedicated to empowering the information security industry with critical vulnerability data and free tooling. We provide timely and relevant details for seasoned professionals while offering foundational insights into emerging threats and exploitation methods for those new to the field. Our mission is to equip security professionals with the extensive data necessary to make informed decisions for robust domain protection.

Real-time vulnerability data feed
Extensive collection of security advisories
Free security tooling and resources
Mitre ATT&CK
Free


MITRE ATT&CK™ is a globally recognized, empirically-based knowledge base detailing adversary tactics and techniques observed in real-world cyberattacks. It serves as a foundational framework for developing robust threat models, defensive strategies, and cybersecurity solutions across various sectors, including private industry, government, and the cybersecurity product and service community. By fostering collaboration and providing open access, ATT&CK empowers organizations to enhance their cybersecurity posture and build a safer digital world.

Comprehensive knowledge base of adversary tactics and techniques
Based on real-world observations and cyberattack data
Enables development of threat models and defensive strategies