Windows File Tools v1.0 The continuity of Windows File Monitor

Because of huge demand from our community, as promised we finally created a new version of Windows File Monitor now called “Windows File Tools”.

It was recorded from scratch for better stability and performance.

The principle is the same as before, it will monitor file activities in real time by generating a user-friendly tree of events.

Activities (also called events) supported:

• File creation
• File modification
• File deletion
• Folder creation
• Folder modification
• Folder deletion
• File/Folder attributes update
• File Update
• Folder Update

It is possible to configure multiple optional filters:

• Filter for specific events
• Filter for specific paths to monitor (optionally recursively)
• Filter for specific file extensions (white list mode)
• Blacklist specific paths (including subdirectories)

The file monitor works from Windows XP to the latest Windows 10 build — 32 and 64 bit.

It requires administrative rights and also supports French as demanded by our French community.

The future of Windows File ...

Merry Christmas

May the peace and blessings of Christmas be yours and may the coming year be filled with happiness and success.

Winja 5.0 finally released

This version required a lot of time to be ready for release, mostly because of a lack of time. Winja and other freeware have low priority for development and coding. For the last two years, I’ve been overwhelmed by other projects for my company. To be more productive, I have created two large frameworks which are now tested on Winja:

• Phrozen Engine: A set of modern visual components which reproduce several options offered by the famous CSS through Browser Graphical Engine. Phrozen Engine is mostly coded using GDI/GDI+ and Direct2D. Since they are native, applications don’t require any additional frameworks to be run, and are produced lightweight.
• Phrozen System: A set of components that interact directly with the system (User Level) and graft to the Phrozen Engine.

For the moment, only three big components have been used and tested: VirusTotal Uploader, Networking Process and HTTP Transmission (Download ...

Shortcuts as entry points for Malware part 3

In this last research on Windows shortcuts, we will demonstrate another sneaky technique to inject any kind of file without any limits on file size. 

The goal, again, is to demonstrate the real dangers of .LNK files (Microsoft Shortcuts), which are wrongly considered to be safe by common users.

A little reminder: a Windows shortcut is a binary file with the extension .LNK (Link File). Shortcuts are generally used to redirect one file to another, such as launching a program from your Desktop that is installed elsewhere on your system.

Less frequently, as we discussed in one of our previous papers, you can also execute shell commands through the shortcut, a good feature for users to create little automated tasks - but also an opportunity for hackers.

For whatever reason, Microsoft has also made any icons you can find on your system easy to usurp, so you can make the ...

Portal updated to v3.0

New web site

We are pleased to present you the version 3 of our official website.

Changelog

• Backend migration from PHP to Python.
• Software (and new versions) distribution improved.
• Overall website simplified (user experience and administration).
• Web server migration from Apache to Nginx.
  
  

Coming articles

• New version of the article “Shortcuts as entry points for Malware part 3”
• .BAT (Windows Batch) files as Malware host (Dropper)
• Clean install of Windows 10 — Improve the overall privacy and security.

Coming updates

• Winja 4.2
• Windows Privacy Tweaker 4.0
• Who Stalks My Cam 4.0
• Unnamed Malware Scanner (Merge RunPE detector, ADS Revealer, Shortcut Scanner and new techniques) 

Notice: Who Stalks My Cam is temporary removed from our Software collection until new version is ready. 

Feel free to share your feelings and follow us on our social networks to stay tuned about our progress.