From kitploit.com
![](https://2.bp.blogspot.com/-evr-g5bb7m0/YMZqSngj2lI/AAAAAAAAaDg/k68fHZQrOU4C76vvSH_y02ES5jzzWSvzwCK4BGAYYCw/w640-h432/FalconEye_1-770139.png)
FalconEye is a windows endpoint detection software for real-time process injections. It is a kernel-mode driver that aims to catch process injections as they are happening (real-time). Since FalconEye runs in kernel mode, it provides a stronger and reliable defense against process injection techniques that try to evade various user-mode hooks.
You can check our presentation at 2021 Blackhat ASIA Arsenal and slides.