Overview

Experimental software that analyzes system behavior using the Windows Hook API, processes keyboard/mouse inputs, and demonstrates reverse engineering capabilities.

Why It Exists

To build secure systems, one must first understand how to exploit them. Ferivonica is an experimental research project designed to study how malware, specifically keyloggers and user-emulation bots, interacts with the Windows kernel and intercepts hardware streams.

Architecture & Decisions

The project is written purely in low-level C++ to interact directly with the Win32 API. It relies heavily on 'SetWindowsHookEx' to establish global hooks, intercepting keyboard and mouse interrupts (WH_KEYBOARD_LL) before they even reach user-space applications.
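
A defensive counterpart to the hooking described above, as an added example that is not part of the Ferivonica code: it scans API-trace lines for SetWindowsHookExA/W calls whose idHook is WH_KEYBOARD_LL (13) or WH_MOUSE_LL (14). The trace line format, process names and PIDs are constructed for this example and do not come from a real tool.

```cpp
#include <iostream>
#include <sstream>
#include <stdexcept>
#include <string>
#include <vector>

// idHook values for the low-level input hooks, as defined in winuser.h.
constexpr int kWhKeyboardLL = 13;  // WH_KEYBOARD_LL
constexpr int kWhMouseLL = 14;     // WH_MOUSE_LL

struct Finding { int pid; std::string image; std::string hook; };

// Return the value of "key=value" in a space-separated line, or "" if absent.
static std::string field(const std::string& line, const std::string& key) {
    std::istringstream in(line);
    for (std::string tok; in >> tok;)
        if (tok.compare(0, key.size() + 1, key + "=") == 0) return tok.substr(key.size() + 1);
    return "";
}

// Report every SetWindowsHookExA/W call that installs a low-level input hook.
std::vector<Finding> find_ll_hooks(const std::vector<std::string>& trace) {
    std::vector<Finding> out;
    for (const auto& line : trace) {
        const std::string api = field(line, "api");
        if (api != "SetWindowsHookExA" && api != "SetWindowsHookExW") continue;
        try {
            int id = std::stoi(field(line, "idHook"));
            if (id != kWhKeyboardLL && id != kWhMouseLL) continue;
            out.push_back({std::stoi(field(line, "pid")), field(line, "image"),
                           id == kWhKeyboardLL ? "WH_KEYBOARD_LL" : "WH_MOUSE_LL"});
        } catch (const std::exception&) {}  // malformed numeric field: skip the line
    }
    return out;
}

// Constructed sample trace (hypothetical format, process names and PIDs).
const std::vector<std::string> kSampleTrace = {
    "pid=4120 image=notes.exe api=CreateWindowExW",
    "pid=4120 image=notes.exe api=SetWindowsHookExW idHook=2 dwThreadId=7788",
    "pid=5332 image=sample.exe api=SetWindowsHookExW idHook=13 dwThreadId=0",
    "pid=5332 image=sample.exe api=SetWindowsHookExW idHook=14 dwThreadId=0",
    "pid=6001 image=broken.exe api=SetWindowsHookExA idHook=?? dwThreadId=0",
};

int main() {
    for (const auto& f : find_ll_hooks(kSampleTrace))
        std::cout << f.pid << " " << f.image << " installed " << f.hook << "\n";
}
```

The thread-scoped WH_KEYBOARD hook (idHook 2) and the malformed line are deliberately not reported, so only the two low-level installs from the same process surface.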

Key Features

  • Low-level global system hooking
  • Hardware interrupt interception
  • Demonstration of malware behavioral patterns
  • Minimal footprint (in-memory execution)
  • Reverse engineering testbed

Note: This tool is strictly for educational and defensive research purposes. By understanding how these hooks operate, I can develop better detection and prevention algorithms for my other security projects.