# WinArk ![image](doc/resources/WinArk.ico)

## Introduction

* WinArk is an open source Anti-Rootkit(ARK) tool for Windows. It supports from Windows 7 to Windows 11. We also support both 32 bit and 64 bit. Compared with other Ark tools, WinArk can run on the latest Windows 11 without updating binary files since it will automatically downloads requisite symbol files.

## Compiling
* [How to build WinArk](doc/build-winark.md)

## Contributing
Contributing to WinArk is super appreciated.
If you want to contribute to WinArk, please read the [Coding Conventions](doc/Coding%20Conventions.md)

## Screenshots

![](./Untitled%2016.png)
![](./Untitled%2015.png)
![](./Untitled%2014.png)
![](./Untitled%2013.png)
![](./Untitled%2012.png)
![](./Untitled%2011.png)
![](./Untitled%2010.png)
![](./Untitled%209.png)
![](./Untitled%208.png)
![](./Untitled%206.png)
![](./Untitled%205.png)
![](./Untitled%207.png)

## Credits

- Core features by [SystemExplorer](https://github.com/zodiacon/SystemExplorer)
- Disassembly powered by [capstone](https://github.com/capstone-engine/capstone)
- PE parser by [TotalPE](https://github.com/zodiacon/PEParser)
- Registry Explorer by [TotalRegistry](https://github.com/zodiacon/TotalRegistry)
- DeviceExplorer by [DeviceExplorer](https://github.com/zodiacon/DeviceExplorer)
- Event Trace by [ProcMonXv2](https://github.com/zodiacon/ProcMonXv2)
- Native API lib by [phnt](https://github.com/processhacker/phnt)
- Theme config by [systeminformer](https://github.com/winsiderss/systeminformer)
- Windows spy by [WinSpy](https://github.com/zodiacon/WinSpy)