
Kernel Mode Calls Logger (Windows)

This driver helped me to understand the logic of the Asus Xonar DG driver. The current version intercepts the following calls: WRITE_PORT_UCHAR, WRITE_PORT_USHORT, WRITE_PORT_ULONG. The DbgView utility from Mark Russinovich is required to capture the debug log, and the DrvLoader utility is required to load the driver into the system.

It is also a good example of kernel-mode function hooking and of enumerating the currently loaded kernel modules using ZwQuerySystemInformation().

Source code can be found on GitHub under the GNU GPLv2 license.
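The module list that ZwQuerySystemInformation() returns is what lets a logger, or a defender checking a function pointer, attribute a kernel address to the driver that owns it. The following is an added example, not code from this project: a portable C parser that bounds-checks such a list and resolves an address to a module name. The structure layout, the helper names `module_for_address` and `build_sample`, and the sample entries are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* One SystemModuleInformation entry, 64-bit layout as commonly published
   (assumption: the structure is not declared in the public WDK headers). */
typedef struct {
    uint64_t Section, MappedBase, ImageBase;
    uint32_t ImageSize, Flags;
    uint16_t LoadOrderIndex, InitOrderIndex, LoadCount, OffsetToFileName;
    char     FullPathName[256];
} module_entry_t;
#define LIST_HEADER 8u /* ULONG NumberOfModules plus 4 bytes of padding */

/* File name of the module containing addr; NULL if none or buffer malformed. */
const char *module_for_address(const uint8_t *buf, size_t len, uint64_t addr)
{
    uint32_t count;
    module_entry_t e;
    if (len < LIST_HEADER) return NULL;
    memcpy(&count, buf, sizeof count);
    if (count > (len - LIST_HEADER) / sizeof(module_entry_t)) return NULL;
    for (uint32_t i = 0; i < count; i++) {
        const uint8_t *p = buf + LIST_HEADER + (size_t)i * sizeof(module_entry_t);
        memcpy(&e, p, sizeof e); /* copy out: buf may be unaligned */
        if (addr < e.ImageBase || addr - e.ImageBase >= e.ImageSize) continue;
        /* the name must start and be NUL-terminated inside FullPathName */
        if (e.OffsetToFileName >= sizeof e.FullPathName) return NULL;
        const char *name = (const char *)p + offsetof(module_entry_t, FullPathName) + e.OffsetToFileName;
        return memchr(name, 0, sizeof e.FullPathName - e.OffsetToFileName) ? name : NULL;
    }
    return NULL;
}

/* Constructed two-entry sample list; returns bytes written, 0 if cap too small. */
size_t build_sample(uint8_t *buf, size_t cap)
{
    static const struct { uint64_t base; uint32_t size; const char *path; } s[2] = {
        { 0xFFFFF80002000000ull, 0x800000u, "\\SystemRoot\\system32\\ntoskrnl.exe" },
        { 0xFFFFF88001000000ull, 0x020000u, "\\SystemRoot\\system32\\drivers\\example.sys" } };
    const uint32_t hdr[2] = { 2, 0 }; /* module count, padding */
    if (cap < LIST_HEADER + hdr[0] * sizeof(module_entry_t)) return 0;
    memcpy(buf, hdr, sizeof hdr);
    for (uint32_t i = 0; i < hdr[0]; i++) {
        module_entry_t e = {0};
        e.ImageBase = s[i].base; e.ImageSize = s[i].size;
        e.OffsetToFileName = (uint16_t)(strrchr(s[i].path, '\\') - s[i].path + 1);
        strncpy(e.FullPathName, s[i].path, sizeof e.FullPathName - 1);
        memcpy(buf + LIST_HEADER + i * sizeof e, &e, sizeof e);
    }
    return LIST_HEADER + hdr[0] * sizeof(module_entry_t);
}
```

An address that resolves to no module, or to a module other than the one expected for that function, is the signal worth logging when checking for hooks.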