Search resource list
ZwLoadDriverHook
- [Delphi] LoadDriver SSDT Hook. Compile it with Meerkat 1.1. Use DbgView to catch the information. Only for Windows XP. Meerkat 1.1 link: http://www.mediafire.com/?hbhjorv8797k2
Hook-ZWopenprocess
- Kernel development; mainly introduces how to hook functions through the SSDT table.
drv-HOOKSSDT
- SSDT hook code. The SSDT needs no introduction from me; anyone who understands drivers knows it.
hookSSDT
- Source code for restoring SSDT hooks; can get past ordinary game protection.
SSDT--11
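- SSDT stands for System Services Descriptor Table. This table links the ring3 Win32 API to the ring0 kernel API. The SSDT does not only contain a large address index table; it also holds other useful information, such as the base address of the address index and the number of service functions. By modifying the function addresses in this table, commonly used Windows functions and APIs can be hooked, which makes it possible to filter and monitor system actions of interest. Some HIPS, antivirus, system monitoring and registry monitoring software often use this interface to implement their own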
XueTr
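- 1. View process, thread, process module, process window and process memory information; view hotkey information; kill processes, kill threads, unload modules and similar functions. 2. View kernel driver modules, with support for memory copy of kernel driver modules. 3. View SSDT, Shadow SSDT, FSD, KBD, TCPIP and IDT information, and detect and restore SSDT hooks and inline hooks. 4. CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, Lego and other Notify Routine information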
SSDT-HOOKMmMapIoSpace
- The MmMapIoSpace method of SSDT hooking.
NtOpenProcess[SSDT-Hook]
- NtOpenProcess[SSDT Hook].rar
hook
- Modifies the SSDT table to hide a process (making a Trojan hard for the operating system to discover).
Hidden-process-detection
- Process hiding and detection; process hiding is achieved in a driver by hooking the SSDT table.
Overloaded-kernel-file-to-bypass-the-SSDT
- Hook KiFastCallEntry
ssdt
- Sample code for SSDT hooking on the Windows platform.
kssd-rootkit
- Kanxue Academy rootkit study. 1. Kernel hooks: there are many hooks in ring3, and many from ring3 to ring0; following the order in which an API call progresses, there is an opportunity to hook at every stage: int 2e or sysenter hook, SSDT hook, inline hook, IRP hook, object hook, IDT hook.
ssdt
- Contains SSDT hook, Shadow SSDT hook, memory read/write and more; take a look yourself.
anti ssdt
- Gets past most online-game anti-cheat code; restores various SSDT inline hooks.
zhuoran
- Driver protection, mainly by hooking SSDT APIs.
ssdt-shadow-hook
- Easy Language SSDT shadow hook for window protection; hooks multiple functions; compatible with all 32-bit x86 operating systems from XP to 2008. Includes the caller and driver source code; can be compiled using the sys source package.
ssdt
- Easy Language SSDT hook programming framework; building on it, SSDT hook driver development can be done quickly.
registry-monitor
- Windows registry monitoring source code. Implemented by hooking the SSDT at ring0.
SSDT-Hook-realization-(two)
- Process hiding and process protection (SSDT hook implementation), part two: analysis of how to get past driver hooks.