资源列表
rootkit.rar
- 一个rootkit原理程序演示 ,附带了运行system的工具,代码附有部分注释,The principle of a rootkit program demonstration, with the operation system of tools, code with some comments
HookSSDT.rar
- HOOK NtOpenProcess 保护指定进程,HOOK NtOpenProcess the protection of designated process
sysenter.zip
- KiFastCallEntry hooking,KiFastCallEntry hooking
KMMaping
- 一个C#写的键盘鼠标钩子,主要用于网游的连点,支持后台/前端窗口-C# to write a keyboard and mouse hook, mainly for online games with points, support for background/front window
dll-inject[src]-
- dll注入辅助工具[带源码],做*的必备手段.-dll injection aids [with source], plug the necessary means to do.
hook-process
- hook openprocess* 保护进程-hook openprocess
detours_2.1
- 钩子库,detours2.1 可以编译到vc-detour dll
IDT-Hook-
- IDT是一个有256个入口的线形表,每个IDT的入口是个8字节的描述符,所以整个IDT表的大小为256*8=2048 bytes,每个中断向量关联了一个中断 处理过程。所谓的中断向量就是把每个中断或者异常用一个0-255的数字识别-IDT is a linear table 256 entry, each IDT entry is 8-byte descr iptors, so the size of the IDT table 256* 8 = 2048 bytes, each inter
Link Card SW
- 截取Windows中通用PCSC智能卡读卡器通讯的DLL文件,将生成的winscard.dll置于目标应用程序同目录,即可截获并记录所有通讯。-Common intercept Windows PCSC smart card reader in communication DLL file, put the generated winscard.dll target application with the directory, you can intercept and record all
VCHookDemo
- VC++全局钩子的实现,能够是实现全局钩子的 鼠标取词,get word。利用Windows API钩子技术实现全屏幕取词。 vc++编写的鼠标键盘消息的拦截程序,运用钩子实现-the global hook of VC++ Demo
Createprocess.rar
- 创建进程提醒,挂起恢复进程,是一个不错的程序,,Create a process to remind, hang recovery process, it is a good procedure,
CKeyHook
- CKeyHook是一个通过设定钩子,截获键盘事件的操作示例,对于掌握钩子的安装、时间截获等处理方法有参考价值。-CKeyHook is by setting the hook, intercepting keyboard events, the operation of example, to master the hook for the installation, the time intercept other treatment methods have reference value.