Search resource list
ApiHookCheck
- Rootkit detection: checks whether an application has been hooked. Source code is included, covering both application-layer and driver-layer code.
AFXRootkit2005
- Open-source rootkit code written in Delphi that can hide files, directories, processes, handles and similar information.
kilster
- Code that detects processes by hooking the thread scheduling lists. It can find essentially all processes hidden by current rootkits. A must-download for system programming enthusiasts.
FILEMON4.34
- File name: filemon4.34. A file filter driver; the latest version of the filemon source code. Sysinternals edition.
flister
- Detects files hidden by rootkits on Windows. some usermode overwrites first few bytes of ZwQueryDirectoryFile and that trick will fail then :( So, you will probably need a small database of the correct indexes for all Windows versions
knark-0.59
- Knark is a kernel-based rootkit for Linux 2.2. This tool can be used to gain root privileges.
IATroot
- IATroot is a rootkit based on hooking the imported functions in the IAT. It is fairly feature-complete and ships with a Native API development library and source code.
Single_Byte_Hooks
- Recently I rewatched Joanna's HITB presentation video and I noticed she said that a rootkit leveraging a single byte modification is impossible! Well I think that was a little bold to say and in my opinion it doesn't seem that infeasible that a on
MicroRk_Very_small_usermode_rootkit
- MicroRk - Very small usermode rootkit
hookport
- Driver-based rootkit that alters the displayed port listing.
hideregrootkit
- Driver-based rootkit that hooks registry reads.
ntapi
- Delphi unit for the NT Native API; makes writing a rootkit in Delphi convenient.
He4Hook215b6
- A rootkit written by a well-known Russian hacker; it contains many rootkit techniques to learn from.
FU_Rootkit
- Windows rootkit that can enumerate kernel drivers and hide its own .sys file.
HkeRootkit
- A small program demonstrating API hooking without a DLL, hiding files in a rootkit-like way.
AFXRootkit0001
- AFX Rootkit 2005 by Aphex http://www.iamaphex.net aphex@iamaphex.net WARNING -> FOR WINDOWS NT/2000/XP/2003 ONLY! This program patches Windows API to hide certain objects from being listed.
InsideWindowRootkits
- Everyone knows about rootkits, right? This material is the latest; if you want to study rootkit technology, take a look. I dare say this is the latest.
bootkitbasic
- A fairly simple rootkit that works at system boot. 1) It's very small. The basic framework is just about 100 lines of assembly code. It supports 2000, XP, 2003 2) It patches the kernel at runtime (no files are patched on disk). (basic version has this code removed , so as other
uay_source
- A simple rootkit implemented in a driver, with no process, no port and no service.
kernellevelRootkittechnology
- For those who want to understand and learn about rootkits, this really is a good piece!