Resource search results
FU_Rootkit.zip
- Rootkit tool that can hide processes and drivers
rk_044
- NT Rootkit
rootkit
- Rootkit related
FU_Rootkit.zip
- Rootkit tool that can hide processes and drivers
HideProcessHookMDL.zip
- BASIC ROOTKIT that hides processes
AntiXueTrReg
- XueTr is arguably the most powerful anti-rootkit tool at present. This program hides registry keys from XueTr, using a driver-level bypass rather than a simple GUI hack.
n00bkit_v0.9d
- ring3 rootkit source code
source
- A good anti-rootkit example that terminates the use or replacement of important system DLLs.
rkhunter-1.3.2.tar
- Rootkits are frequently encountered in network security. The NSA Glossary of Terms Used in Security and Intrusion Detection defines a rootkit as follows: A hacker security tool that captures passwords and message traffic to and from a computer. A collection of tools that allows a hacker to p
svv-2.3-bin
- Rootkit detector; kernel mode, ring0, sys driver
CsrssWalker
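- Csrss.exe holds the process information for all Win32 subsystem processes, stored as a linked list. Normally, every newly created process notifies Csrss.exe, which receives this information and stores it, so traversing this linked list yields information on all Win32 subsystem processes. The first step is to find the list head. The list head is CsrssRootProcess, and functions exported by CSRSRV.DLL operate on CsrssRootProcess, so CsrssRootProcess can be located through the exported functions of CSRSRV.DLL. By traversing this linked list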
hiding_concepts_rootkits
- Many people do not realize the real danger from rootkit technology. One reason for this is probably that publicly available rootkits for Windows OS are relatively easy to detect by conventional methods (i.e. memory scanning based). However, we can i
Bootkit_TDSS_Extract
- tdss3 rootkit dumper
710303Klog-1.0
- klog for rootkit studying
kssd-rootkit
- Kanxue Academy rootkit study. 1. Kernel hooks: there are many hooks in ring3, and many from ring3 to ring0. Following the order in which an API call progresses, there is an opportunity to hook at every stage: int 2e or sysenter hook, SSDT hook, inline hook, IRP hook, object hook, IDT hook
agony-rootkit
- This is the agony rootkit source code.
rootkit-master
- mnps is a Linux rootkit that hides processes, files and its own module.
the_flying_circus
- One of the best rootkit source code for MacOS, supporting the 10.x platform.
knark-2.4.3
- A rootkit tool for the Linux platform that can hide files, processes, networks and modules.