NtWarden Windows Analysis and Research Toolkit Skill by ara.so — Daily 2026 Skills collection. NtWarden is a Windows system inspection tool built on ImGui + DirectX 11. It covers processes, services, network, kernel internals, ETW, registry, object manager, and more — locally or remotely via WinSysServer. A kernel driver (KWinSys) enables deep kernel-mode analysis including SSDT hooks, kernel callbacks, EPT hook detection, and driver integrity checks. --- Architecture | Component | Role | |---|---| | NtWarden | GUI app (ImGui + DirectX 11) | | WinSys | Static lib — process, service, network e…