资源列表
Haskell
- <Learn you a Haskell>,极好的Haskell入门书籍。想了解函数式编程的朋友们可以从本书开始接触一下Haske-<Learn you a Haskell> , Haskell excellent introductory book. To learn functional programming friends came into contact with from the book about Haskell
InjDLL(NoShut)
- 利用进程注入,把DLL注入到winlogon.exe进程中,实现禁止关的效果-Using injection process, the DLL into winlogon. Exe process, achieve the effect of ban shut
SeriaPortVxD
- 不占用串口的串口数据截获代码。包内包含Commhook.vxd虚拟设备驱动程序-Do not take up a serial port of serial data intercept the code
SetHookTo
- 用VC写的仿spy++,内含源码,钩子内容.-imitate spy++
SetParent
- 特殊方法设置父母结束进程 对很多驱动保护HOOK的程序也能结束-failed to translate
RestoreShadowSource
- SSDT恢复源代码,是学习SSDTHOOK的参考资料,可以应用于外挂反调试学习当中-SSDT recover the source code, is to learn SSDTHOOK reference, can be applied to study which external anti-debugging
EA-ReviewNotesBrowser
- 用于UML建模工具Enterprise Architect的模型评审的工具插件源代码。 此工具可以实现对EA UML模型的评审、批注,支持多人开发团队协作。-The review plugin for Enterprise Architect (a UML modeling tool), support team works.
FileCreateMon
- 监控文件创建操作的工作,用到了hook的知识-a montion create file tool
NtOpenProcess[SSDT-Hook]
- NtOpenProcess[SSDT Hook].rar-
firewall
- 可以实现在WINDOWS下基于tcp,udp以及icmp协议的数据包过滤的简易防火墙-Simple firewall that can be achieved under WINDOWS tcp, udp and icmp protocol-based packet filtering
hooklib
- 一个hooklib,使用distorm解析指令 支持 ring0 & ring3 以及 x86 & amd64 -A hooklib use distorm parsing instructions Support ring 0, & ring3 as well as x86 & amd64
PEHook
- 通过修改exe达到注入DLL的功能,然后调用DLL的某个函数。-modify exe to inject dll, and then call the dll function.