Resource search results
AnyHook
- Arbitrary API hooking implemented by injecting asm into a process. Execution can be interrupted to modify parameters and registers. The upload kept going wrong, nothing I could do about it.
WindowsAPISoruces
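- Source code for the book Windows API (written by Ran Lincang, Tsinghua University), covering 8 chapters. Building on an introduction to calling Win32 API functions, the book focuses on how to use the Windows SDK API to develop Win32 dynamic-link libraries and applications, and shows the combined use of API functions in areas such as process management, inter-process communication, hook functions, window subclassing, API hooking, Internet Explorer development and network programming. The example source code in the book is available via   The book is aimed mainly at intermediate and advanced users who are familiar with Windows development and have some programming background, and is intended to help them improve their systems programming skills.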
SASHook
- SAS Hook: uses remote process injection into winlogon.exe to block the Ctrl+Alt+Del key combination. This is an old work of mine from a few years ago; it does not work on Vista and later systems.
APIHOOK
- A piece of Windows API hook code found in a book; it works well and can protect a process from being terminated.
Simple_APIHook
- A simple API hook in a Ring 3 environment that prevents Task Manager from ending a process.
hosthook
- This is an in-process COM; it can be used to hook call information.
netfilter
- netfilter source code. Put simply, the netfilter architecture places a number of checkpoints (hooks) at several points in the overall network flow, and registers handler functions at each checkpoint to do the processing (such as packet filtering, NAT, or even user-defined functionality).
hook
- A hook is a point in the system message-handling mechanism where an application can install a subroutine to monitor the message traffic in the system and process certain types of messages before they reach the target window procedure.
_123_
- Hooks the SSDT to hide process information; includes driver code and loader code.
MagicApiHook
- Magic API Hook Engine: a simple all-around process API hooker, for the WinNT family only.
NoKilledProcess
- Original anti-kill process protection, final version. Hooks OpenProcess; supports XP and Server 2003, does not support NT2000.
vc_hook_control_process_used_to_create
- VC: using hooks to control process creation.
anti_virus_methods
- UcHelp virus analysis and Worm.Repka.u virus analysis, covering the whole process of debugging, disassembly and analysis; hook programming, and more. Excellent material for learning about viruses and antivirus.
VB.Hook.intercept.code.testing.process.firewall.ra
- VB global hook: test code for a process firewall that intercepts processes.
windows_kernel_tool
- 1: Detection and restoration of SSDT hooks. 2: Detection and restoration of IDT hooks. 3: Detection of driver modules loaded by the system. 4: Enumeration of processes and detection of the DLLs each process has loaded.
arktool
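- 1. Message hook monitoring: lists the message hooks on the system. 2. Module load monitoring: lists all kernel modules loaded on the system. 3. SSDT monitoring: obtains the original SSDT addresses to identify the APIs hooked by malicious programs and to restore the SSDT. 4. Registry protection: protects certain important registry keys to prevent malicious programs from modifying them. 5. Hidden process detection: detects processes hidden in the system. 6. Hidden port detection: detects ports hidden in the system. 7. Forced process kill: can kill malicious processes in the system that protect themselves.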
nokill
- Uses Microsoft Detours to learn hooking against Task Manager, so that a process cannot be ended by Task Manager. The main function hooked is CreateProcess. A very good template: when you hook other functions you can reuse it directly.
HOOK-class
- Design and implementation of a Ring0-level process protection component based on hook technology.
HookOdROBH
- Hooks the kernel API ObReferenceObjectByHandle to implement process protection, preventing the protected process from being killed (360 cannot kill it).
KsBinSword
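- Hook code for process-related functions: VOID DisplayProcess() enumerates processes; VOID DisplayThread() enumerates threads; ULONG GetCidAddr() gets the Cid table needed to enumerate processes; DWORD GetDllFunctionAddress() obtains a path from a handle in active defense; PVOID GetDriverBaseAdress() gets the base address of a specified driver; DWORD GetPlantformDependentInfo () gets platform information; BOOL GetProcessNa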