资源列表
GetPass.rar
- 挂接键盘钩子,轻松记录各种密码的源代码,包括QQ,各种游戏帐号等。,Articulated keyboard hook to easily record the password source code, including QQ, games, etc. account.
BIOSRootkitIVTHook.rar
- BIOS Rootkit为了达到控制系统流程的目的,一般会采用Hook IVT,即Hook中断向量表的方式来实现。IVT Hook的实现和检测,涉及许多具体的问题。因此,我把IVT Hook分几部分来进行讨论。在本节和下面几节中,我们将讨论如何借助Bochs的帮助来查看原始IVT、分析IVT Hook情况以及在此基础上写一个简单的IVT检测程序。闲话少说,这就开始我们的旅程吧,BIOS Rootkit process control system in order to achieve the
keyprocessmonitor.rar
- 关键进程监视+*器+自动邮件通知,十分简单的*模型仅供参考,key process monitor and keyboard record and autoemail
rootkit.rar
- 一个rootkit原理程序演示 ,附带了运行system的工具,代码附有部分注释,The principle of a rootkit program demonstration, with the operation system of tools, code with some comments
HookSSDT.rar
- HOOK NtOpenProcess 保护指定进程,HOOK NtOpenProcess the protection of designated process
sysenter.zip
- KiFastCallEntry hooking,KiFastCallEntry hooking
KMMaping
- 一个C#写的键盘鼠标钩子,主要用于网游的连点,支持后台/前端窗口-C# to write a keyboard and mouse hook, mainly for online games with points, support for background/front window
dll-inject[src]-
- dll注入辅助工具[带源码],做*的必备手段.-dll injection aids [with source], plug the necessary means to do.
hook-process
- hook openprocess* 保护进程-hook openprocess
detours_2.1
- 钩子库,detours2.1 可以编译到vc-detour dll
IDT-Hook-
- IDT是一个有256个入口的线形表,每个IDT的入口是个8字节的描述符,所以整个IDT表的大小为256*8=2048 bytes,每个中断向量关联了一个中断 处理过程。所谓的中断向量就是把每个中断或者异常用一个0-255的数字识别-IDT is a linear table 256 entry, each IDT entry is 8-byte descr iptors, so the size of the IDT table 256* 8 = 2048 bytes, each inter
Link Card SW
- 截取Windows中通用PCSC智能卡读卡器通讯的DLL文件,将生成的winscard.dll置于目标应用程序同目录,即可截获并记录所有通讯。-Common intercept Windows PCSC smart card reader in communication DLL file, put the generated winscard.dll target application with the directory, you can intercept and record all