ProcFilter Logo

ProcFilter

ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.

397
Endpoint Security Open Source
WindowsYara
Visit website
Compare
Compare
0
Explore Endpoint Security4 AlternativesCompareStacksMarket MapExplore All Tools
MCPThe entire cybersecurity market, one prompt awayTry MCP Access

ProcFilter Description

ProcFilter is a process filtering system for Windows with built-in YARA integration. YARA rules can be instrumented with custom meta tags that tailor its response to rule matches. It runs as a Windows service and is integrated with Microsoft's ETW API, making results viewable in the Windows Event Log. Installation, activation, and removal can be done dynamically and does not require a reboot. ProcFilter's intended use is for malware analysts to be able to create YARA signatures that protect their Windows environments against a specific threat. It does not include a large signature set. Think lightweight, precise, and targeted rather than broad or all-encompassing. ProcFilter is also intended for use in controlled analysis environments where custom plugins can perform artifact-specific actions. Designed to be easy to adopt, ProcFilter's integration with Git and Event Log minimize the need for additional tools or infrastructure to deploy rules or gather results. ProcFilter is compatible with Windows 7+ and Windows Server 2008+ systems. Installers ProcFilter x86/x64 Release/Debug Installers Note: Unpatched Windows 7 systems require hotfix 3033929 to load the driver component.

ProcFilter FAQ

Common questions about ProcFilter including features, pricing, alternatives, and user reviews.

ProcFilter is ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.. It is a Endpoint Security solution designed to help security teams with Windows, YARA.

Have more questions? Browse our categories or search for specific tools.

FEATURED

Push Security Logo
Push Security
Zero Trust
CybersecRadars Logo
CybersecRadars
Threat Management
Hudson Rock Logo
Hudson Rock
Threat Management
1Password Logo
1Password
IAM
Get Featured

ALTERNATIVES

HarfangLab Cybersecurity Solutions Logo
HarfangLab Cybersecurity Solutions

EDR platform with EPP capabilities for endpoint threat detection and response

0
Genian EDR Logo
Genian EDR

On-premises/hybrid EDR with local threat detection, response, and NAC integration.

0
autoruns Logo
autoruns

A comprehensive utility that shows what programs are configured to run during system bootup or login, and when you start various built-in Windows applications.

0
MDE-AuditCheck Logo
MDE-AuditCheck

A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.

0

POPULAR

RoboShadow Logo
RoboShadow
Vulnerability Assessment
OSINTLeak Real-time OSINT Leak Intelligence Logo
OSINTLeak Real-time OSINT Leak Intelligence
Threat Intelligence Platforms
Cybersec Feeds Logo
Cybersec Feeds
Threat Intelligence Platforms
TestSavant AI Security Assurance Platform Logo
TestSavant AI Security Assurance Platform
AI Red Teaming
Fabric Platform by BlackStork Logo
Fabric Platform by BlackStork
Security Information and Event Management
View Popular Tools →

TRENDING CATEGORIES

Digital Forensics and Incident Response
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
509
Threat Intelligence Platforms
TIP for collecting, analyzing, and sharing cyber threat data, indicators of compromise (IOCs), and threat feeds.
357
Penetration Testing
Penetration testing tools and frameworks for manual security testing, exploit development, and vulnerability validation.
263
Offensive Security
Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.
246
Identity Governance and Administration
Identity Governance and Administration (IGA) platforms for identity lifecycle management, access governance, role management, and compliance reporting.
230
View All Categories →

Stay Updated with Mandos Brief

Get strategic cybersecurity insights in your inbox