JaredWright / WFPStarterKit

An example driver for Windows that shows how to set up some basic components of the Windows Filtering Platform
MIT License
c driver networking wfp windows

WFPStarterKit

This repository contains source code for an example driver along with a tutorial that collectively show how to set up some basic components of the Windows Filtering Platform (WFP). The WFP is a kernel-level Windows API that allows you to develop drivers that provide networking functionality beyond the scope of any libraries provided by Microsoft. This powerful framework is essentially a toolkit for creating networking rootkits on Windows, or for changing how Windows provides networking capabilities to all applications running in userspace. Even though this framework is very powerful, documentation for using (let alone getting started with) the WFP is currently nonexistent in my opinion. This repository aims to help others get to "Hello World" with the WFP, and bootstrap your knowledge to a point where you will be able to (bravely) start making sense of Microsoft's documentation for this tool.