APIVoid: Threat Analysis APIs for Threat Detection & Prevention

Process Permit v1.0

Process Permit is a ”skeleton” framework that affords 3rd-party developers the ability to create rules for allowing or denying process creations on Windows NT-based operating systems. The framework can be integrated to fit local and remote rule sources, e.g: C:\Program Files\Product Name\Rules.DB or remote URLs such as https://www.RemoteHost.com/Rules.php. This offers the developer governing process creations complete granular control over every process execution system-wide. A similar framework is used in one of our flagship products EXE Radar Pro (ERP) and is tested and proven over the many years of development and wide public use. Process Permit will gather tons of useful process creation information such as the process filename, process id, MD5 hash, SHA1 hash, file description, company signing name (if signed), parent process name, parent process id etc. and expose this ”raw” data in a neatly organized structure for any application to control.

For Windows XP, Vista, 7, 8, 10 (32\64-bit)

app screenshot

Create Your Own Anti-Executable

Everything is event driven and no polling of data is needed. The service application will send a secure IPC data message to the control application when a new process is created and wait for the control application to determine whether the process creation should be (dis)allowed based upon simple or complex rule sets (robust) that can be created easily with the collected data. Such technology is useful when developing anti-executable and/or HIPS software within the security industry, we've just done the hard parts at the lowest level of the OS for you, in order for developers to solely focus on the high-level rule creation aspects.

Monitor Processes

An effective technology developed to do one thing: monitor process executions.

Detailed Process Data

You get process filename, SHA1 hash, command-line, signer, parent process, etc.

SHA1 File Hash

The software uses SHA1 file hash to hash processes and parent processes.

Support FUS and Logons

Built to support Fast User Switching, User Logons and User Logouts.

Detect TLS Callbacks

We detect Thread Local Storage (TLS) callbacks used to bypass process monitoring.

Windows XP to 10

Our techology works on all versions of Windows, from XP to 10 FCU (x86 & x64).

Proven Stability

Proven to be stable, robust and to work without conflicts with other security software.

Release Your Creativity

Just think about how to use our technology, the difficult part is already done.

Always Up-to-date

We maintain and update (if needed) the Windows service and the kernel-mode driver.

Watch the video

With this video we show you Process Permit in action, so you can
see how it works and how lightweight it is.

Application Screenshots

Here there are some screenshots of the application.

app screen
app screen
app screen
app screen

Product Details

Version 1.0
Last Updated November 11, 2017
Operating System For Windows XP, Vista, 7, 8, 10 (32\64-bit)
Category Experimental Tools
License Type Commercial
File Size 2 MB