资源列表
nvmini
- 逆向病毒nvmini.sys编译通过源码,非常厉害的程序-Reverse virus nvmini.sys compile source, very powerful program
qwe
- 程序用内核驱动的方式进入ring0,然后访问EPROCESS结构,在EPROCESS结构中找到进程链,从而可实现进程的枚举,但是由于PID 为0的系统进程Idle并没有在这个链上.所以通过这种方法自然也就找不出它来.程序输出可以用softice或DebugView工具查看. 本程序只在XP下调试通过.-Procedures with the way the kernel driver into the ring0, then visit EPROCESS structure, the struc
seh_code
- SEH保护代码的例子,用asm实现穿透SEH。仅用于教学目的,程序较老,但有启发性-SEH protection code example, use asm to achieve through SEH. Only for teaching purposes, procedures, older, but enlightening
PE_editing
- 在windows 9x、NT、2000下,所有的可执行文件都是基于Microsoft设计的一种新的文件格式Portable Executable File format(可移植的执行体),即PE格式。有一些时候,我们需要对这些可执行文件进行修改,下面文字试图详细的描述PE文件的格式及对PE格式文件的修改。-In windows 9x, NT, 2000, all the executable files are based on the design of a new Microsoft fil
Hidden_programs_not_shut_down_process_VC_Implement
- 隐藏程序不被进程关闭,可设置时间,VC++实现-Hide program process is not closed, can set the time, VC++ Implementation
VC_programming_fo_hard_disk_partition_size_code.ra
- VC编程获取所有硬盘所有分区大小经典代码-VC programming for all of the hard disk partition size of all the classic code
VC_simulation_mouse_click_double_click_realization
- VC++模拟鼠标单击、双击的实现经典代码VC + + simulation of mouse click, double-click the realization of the classic code-VC++ simulation of mouse click, double-click the realization of the classic code
VC_network_configuration_network_card_MAC_IP_addre
- VC++ 获取网络配置及网卡MAC和IP地址经典代码-VC++ for network configuration and network card MAC and IP address of the classical code
Changethefontsmenu
- Change the fonts menu
MyRand
- 本人修改的一个测试产生随即函数的里程代码,希望对大家有用。-I modified a test the function of the mileage then generated code, we want to be useful.
modifei
- 一个小修改器,用来修改文件属性的工具,vb编写,供参考-A small modification device, a tool used to modify file attributes, vb prepared for reference
SSDT
- 恢复SSDT的代码,用来干什么自己想吧 主程序在vc下编译通过,驱动用winddk编译-Restore SSDT code, for what they want to compile it by the main program in the vc, driver compiled with winddk