SafeMan

a security tool with the high privilege exploiting the windows kernels:
C++ implementation
object oriented programming
developed with windows DDK
there is a portable interface (MFC)
find the hidden processes
watch the SSDT(System Services Descriptor Table)
active defense
tested on WinXP SP3