Search resource list
SEH_APIHook
- A work by Luo Cong. A technique that uses SEH to hook APIs within the same process.
spy&hook
- Intercepts the various messages of each process under Windows; can be used as a message viewer.
Hooking ZwCreateProcessEx in Windows 2003
- For work I needed to control process creation, so I hooked ZwCreateProcess; I later found that XP and 2003 both use NtCreateProcessEx to create processes.
API Hook and Packet Interception Techniques
- const WM_UNSUBCLASS = WM_USER + 2001 // message to remove subclassing WM_SENDDATA = WM_USER + 2003 // message received when a new data packet is to be sent type PMyDLLVar = ^TMyDLLVar // shared-memory data structure TMyDLLVar = record SubClass: Boolean // whether already subclassed HookWindow, SpyWindow: LongWORD // window to install the HOOK on and window used to receive messages hHook: LongWORD
RING0. Code for detecting, in RING0, processes hidden via SSDT hooks
- Code for detecting, in RING0, processes hidden via SSDT hooks. Builds directly; works on XP and 2000 systems. Short and practical.
HookSSDT.rar
- Hooks NtOpenProcess to protect a specified process.
hook-process
- Hooks OpenProcess to protect a process, with antivirus evasion.
Process_protection.rar
- Process protection based on SSDT hooks, preventing your own process from being maliciously closed. Includes code for application-layer to application-layer communication.
hook
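- Tested under VS2008. A simple implementation of in-process hook calls and a global hook; the hook part simply blocks keyboard and mouse messages, with function key F2 as the backdoor. Includes detailed documentation and is suitable for beginners to study. Three files in total: v19e2_Hook.rar is the global hook module, v19e2_HookTest.rar is the program for testing the global hook, and v20e1_innerHook.rar calls the hook within a single process.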
ProtectMon
- Driver development: protects a process by PID by hooking the SSDT NtOpenProcess function; it can at least withstand any R3 virus trying to terminate your process!! Suitable for beginners as an introduction to SSDT hooking.
Process
- A simple process hook, for hooking purposes; very simple and not very polished.
HOOK
- HOOK API: for someone who has never worked with it, it is a mysterious area, but is it really so mysterious? Microsoft provides a development kit for this, Detours; it is very simple and works without any other effort: no jump instructions, no modifying the PE header, and no enumerating all current processes and processes about to start.
Hook
- An improved version of using a hook to insert a thread into a system process.
Hook
- A screen-lock program I wrote myself. Uses hooks to block hotkeys and the Process class to terminate Task Manager.
Hooktheprocess
- An improved version of using a hook to insert a thread into a system process: process-injection hook, with added DLL control and message control. Powerful.
hook
- Driver-level code for hiding a process: hides the process at the driver layer by replacing functions in the SSDT address table.
SYSENTER-hook
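- SYSENTER is an assembly instruction provided on Pentium® II and later processors as part of the fast system call mechanism. The SYSENTER/SYSEXIT instruction pair is used specifically to implement fast calls. Before this, INT 0x2E was used. With INT 0x2E, a system call requires a stack switch. Because Interrupt/Exception Handler calls go through gates of the call/trap/task kind, this approach performs a stack switch, and information such as the system stack address is provided by the TSS. This approach may cause multiple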
Source-protection-process
- Source code for protecting one's own process, written with pure APIs, no driver and no hooks; prevents the process from being maliciously closed. The protection strength of this source is moderate.
Cross-process-HOOK
- Latest source code for remote hooking in Easy Language, suitable for needs focused solely on hooking.
Hook
- Hook programming, hook techniques, MFC programming, in-process hooks, global hooks.