Windows kernel-mode minifilter driver providing process monitoring, memory inspection, filesystem/registry access control with user-mode approval workflows, DLL injection (APC + manual map), hardware fingerprinting, and driver self-concealment. Communicates via unnamed shared memory ring buffers - View it on GitHub