- SKT64 is an Ark tool on the Windows platform It's a completely free tool
- support Windows 10 - Windows11
- Process Operations
- View Process
- Terminate Process
- Set Process to System Critical
- Suspend Process
- Resume Process
- Hide Process
- Set Process PPL (Protected Process Light)
- Inject DLL
- Thread Operations
- View Process Threads
- Terminate Process Thread
- Suspend Process Thread
- Resume Process Thread
- View Kernel Module
- Unload Kernel Module
- Hide Kernel Module
- Modify Kernel Module Image Base
- View Kernel Module Major Functions
- View/Remove Callbacks
- CreateProcessNotify
- CreateThreadNotify
- LoadImageNotify
- RegistryCallback
- BugCheckCallback
- BugCheckReasonCallback
- ShutdownNotify
- LastChanceShutdownNotify
- FsChangeNotify
- PowerSettingCallback
- CoalescingCallback
- PriorityCallback
- DebugPrintCallback
- ExCallback
- PlugPlayNotify
- EmpCallback
- Disable ObRegisterCallbacks Callback
- Disable Thread/LoadImage/Module Notify
- Disable CmRegisterCallback Callback
- View/Remove MiniFilter
- View/UnHook SSDT
- View/UnHook Shadow SSDT
- Scan/Unhook MSRHook (Supports MSR/Inline/VMM Hook including EPTHook/NPTHook)
- Scan/Unhook IrpHook
- View/Remove WFP Function
- View/Remove WFP Callout
- View/Delete/Protect/Rename/Move File (Ignores IRP occupation/Handle occupation/Hard Link)
- System Kernel Monitor
- VMM (Virtualization Technology)
- Disable PatchGuard
- Ignore Driver Signature Enforcement (Load Driver)
- Fast Shutdown/REBOOT/BSOD
- Memory Editor
- Sandbox
- Taskmgr-Editor
- Colorful BSOD
- Hot flash to firmware
- Lock Firmware
- Prohibit:
- Create Process
- Load Driver
- Create File
- Modify Registry
- Modify Disk Boot Sector
- Unload Driver
- View IoTimer
- View Object-Type
- View/Terminate/Suspend/Resume System-Thread
- View IDT/GDT
- View UnloadDrivers
- View HalDispatchTable/HalPrivateDispatchTable
- View PiDDbCacheTable
kebugcheck2$outlook.com($change to @)
Do not use Disable PatchGuard on a physical machine!
- "Refresh" is misspelled.