Branch Monitor

The Branch Monitor is a framework based in the Branch Trace Store (BTS) feature present in modern Intel’s processor to collect execution metadata to allow malware analysis in a stealth manner. The Branch Monitor framework can work as a malware tracer, as a debugger and as a Return-Oriented-Programming (ROP) attack detector, according user’s needs. Branch monitor is implemented as a kernel driver for Windows 8 and it is source code is fully available. Check it out!

A branch-monitor-based solution for process monitoring.
https://github.com/marcusbotacin/BranchMonitoringProject
38 forks.
124 stars.
0 open issues.

Recent commits:

• Merge branch 'master' of https://github.com/marcusbotacin/BranchMonitoringProject, Marcus Botacin
• paper updates, Marcus Botacin
• some more info in README, Marcus Botacin
• RetMonitor + LBR, Marcus Botacin
• RetMonitor code, Marcus Botacin