Documentation

Welcome to the DioIPS documentation. Dio means God in Latin — DioIPS is the God-level IPS for Windows, providing comprehensive intrusion prevention across kernel, NDIS, and hypervisor layers.

Getting Started

Installation, requirements, and first run

Kernel Driver

Ring 0

Process, registry, file, network, image, injection monitoring

NDIS Filter

NDIS LWF

Raw packet inspection, ARP spoof detection, flow dedup

Hypervisor

Ring -1

EPT shadow hooks, NtWriteVirtualMemory monitoring

User Interface

12-tab Dioxus dashboard with live event viewing

Rule Engine

IPS rules with wildcard patterns and actions

ETW & AMSI

User-mode ETW consumer and AMSI provider

API Reference

IOCTL codes, event types, structures

Quick Links

Installation Guide

Get DioIPS up and running on your system

NDIS Driver Signing

Build and sign the NDIS filter driver

Creating Rules

Define IPS rules with wildcard patterns

API Reference

IOCTLs, structures, and technical details