Reverse Engineering & Analysis
Open Source

Ferivonica (System Internals)

C++Windows APIWin32 Hooking

Experimental software that analyzes system behavior using the Windows Hook API, processes keyboard/mouse inputs, and demonstrates reverse engineering capabilities.

Tech Stack

C++Windows APIWin32 Hooking

System Metrics

In-memory execution (stealth footprint)
Sub-millisecond interrupt interception

Why Did I Build This?

"To build secure systems, one must first understand how to exploit them. Ferivonica is an experimental research project designed to study how malware, specifically keyloggers and user-emulation bots, interact with the Windows Kernel and intercept hardware streams."

Architecture & Decisions

Written purely in low-level C++ to interact directly with the Win32 API. It relies heavily on 'SetWindowsHookEx' to establish global hooks, intercepting keyboard and mouse interrupts (WH_KEYBOARD_LL) before they even reach user-space applications.

Key Features

  • 01.Low-level global system hooking
  • 02.Hardware interrupt interception
  • 03.Demonstration of malware behavioral patterns
  • 04.Minimal footprint (in-memory execution)
  • 05.Reverse engineering testbed
Note: This tool is strictly for educational and defensive research purposes. By understanding how these hooks operate, I can develop better detection and prevention algorithms for my other security projects.