Home
Forums
News
Software
Rootkit List
Articles
Links
Contact Us




Click Flag for Translation

Subscribe to the Antirootkit Newsletter
Enter Email Address

Subscribe
Unsubscribe

Home > Software


Darkspy


DarkSpy is a new rootkit detection tool from China. It's coded by two guys : CardMagic & wowocock,and supports some new features that can make the detection more effective.

DarkSpy is consisted of five parts:

1.Process:
Detect hidden process(even hide with FUTo...)
Force kill process(even Icesword)

2.Kernel Module:
Detect hidden kernel module(even hide with FUTo...)

3.File:
Detect hidden files
Force copy file
Force delete file

4.Registry function is not provided in test version.

5.Port:
Detect hidden ports

(Notice: DarkSpy don't allow any kernel debugger to run!)

DarkSpy 1.0.5 new features:
Enhanced Process/Driver Module detection.
Fixed some problems working with other security software(Karspersky...etc).
Enhanced process force terminate functionality.
Start to support multi-cpu and hyperthread.
Registry functionality added.
Help document added.

This is a Test Version - Use at your own Risk. Download Below.

Darkspy Ant-Rootkit Frontend

More Details
Screenshots
Download - English Version 1.05
Download - English Version 1.03

Updates

Update - 9th May 2006 - Cardmagic has created a new website for Darkspy. It is located at http://www.fyyre.net/~cardmagic/index_en.html


If you have any problems or questions about Darkspy you can ask for help in the our Forum.

 

 
©2005 Antirootkit.com