Raccine is a simple ransomware protection that intercepts and kills malicious processes that attempt to delete shadow copies using vssadmin.exe. It uses YARA rules to scan command line parameters for malicious activity and can be easily uninstalled without leaving any system files modified. However, it may break some backup solutions and block legitimate use of vssadmin.exe. Raccine works by registering a debugger for vssadmin.exe, collecting the parent process IDs, and killing them if malicious activity is detected. It also logs the killed PIDs to the Windows Eventlog. Please note that Raccine should be used at your own risk and may interfere with certain backup solutions.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Comprehensive endpoint security solution providing proactive defenses, remediation tools, and centralized management to prevent threats and ensure uptime.
Powerfully simple endpoint security solution that takes down threats without interrupting business.
A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.
Event Log Explorer is a software solution for viewing, analyzing, and monitoring events recorded in Microsoft Windows event logs, offering advanced features and efficient filtering capabilities.
Advanced Endpoint Protection is a complete endpoint protection platform that provides advanced threat protection against ransomware, data breaches, and malware.
A single cybersecurity platform that provides holistic security management, prevention, detection, and response capabilities powered by AI and threat intelligence, designed to simplify and converge security operations in diverse hybrid IT environments.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
Cisco Secure Endpoint is a cloud-native endpoint security solution that provides advanced protection and response to threats.
A comprehensive utility that shows what programs are configured to run during system bootup or login, and when you start various built-in Windows applications.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.