ObjMon
 

Target audience

  

  Novice users
  Intermediate users
  Power users
  System administrators
  Support engineers
  Application developers
  Kernel developers

Monitor kernel object activity in realtime

ObjMon allows you to monitor kernel object activity in real time. Because many elements in the Windows kernel such as files, registry keys, symbolic links and events are represented as kernel objects, ObjMon can be used for a wide variety of purposes.


Supported Objects

Although not every type of kernel object can be monitored by ObjMon, the following kernel object types are supported: Type, Directory, SymbolicLink, Token, Process, Thread, Job, Event, Mutant, Callback, Semaphore, Timer, KeyedEvent, WindowStation, Desktop, Section, Key, Port, Waitable Port, Adapter, IoCompletion., File and WmiGuid. We will be looking forward to extend this range in a future version of ObjMon.


Screen Shot

This is a live screen shot of ObjMon in action.


For research and education only

Note: this software is for research and educational purposes only. It uses some undocumented techniques to achieve its goal and is therefore not intended to be used on any production system. Although this software has been thoroughly tested and verified, it remains very vulnerable to operating system changes. Any new service pack or visit to the Windows update site may cause this software to malfunction and cause your computer to blue screen and reset.


Supported operating systems

Currently, ObjMon runs on the following operating systems:

  • Windows XP Service Pack 2
  • Windows XP Service Pack 2 x64 editions
  • Windows 2003 Server Service Pack 2
  • Windows 2003 Server Service Pack 2 x64 editions
  • Windows 2000 Service Pack 6

    Note: ObjMon does not run on any edition of Windows Vista. On the x64 edition of Windows XP Service Pack 2 you have on average about 20 minutes before Patchguard detects ObjMon and shuts down the system with a 0x109 bug check. ObjMon is reported to run stable on all other operating systems.


    Download

    ObjMon is available for free however you must agree to the license agreement which will be displayed before installing the software. Please report any comments suggestions or issues you may have.
    Click here to download ObjMon version 1.00 (844K)

    Source Code

    We have released the source code for the ObjMon kernel object activity monitoring driver for education purposes. All information on how to build or use this can be found in the README.TXT file inside the package.

    Click here to download ObjMon version 1.01 source code (30K)


    Copyright © 1997-2024 Resplendence Software Projects. All rights reserved. Privacy Policy.
    Page generated on 3/19/2024 10:28:38 AM. Last updated on 9/17/2019 2:09:47 PM.