Whitebox Proto-type
Released as open source by NCC Group Plc - http://www.nccgroup.com/
Developed by Ollie Whitehouse, ollie dot whitehouse at nccgroup dot com
http://www.github.com/nccgroup/whitebox
Released under AGPL see LICENSE for more information
(c) 2008 - 2013 Ollie Whitehouse
(c) 2013 NCC Group Plc
This proto-type was originally designed a developed during Christmas 2008 / 2009 to show how a non signature based AV could reliably detect malicious code.
See Whitebox/Documentation/Whitebox.pptx - https://github.com/nccgroup/whitebox/blob/master/Whitebox/Documentation/Whitebox.pptx?raw=true
It was designed to work with Windows XP back then (it uses the Sysinternal filemon and regmon drivers for some instrumentation).
See Whitebox/Documentation/Config.Example.xml