Resource search list
packet_monitor
- A program that monitors the data sent and received by a specified process, using the HOOK API method; implemented as a set of classes.
botdigger
- An unknown-virus detection tool based on API hook techniques, useful for study. It uses an API hook tool to capture the API call sequence of a deliberately selected process, then feeds short API sequences as features into an SVM for classification.
VB_program_created_process_instance_HOOK.dll_ban.r
- A VB example that uses HOOK.dll to prevent programs from creating processes.
InnerHook
- A global hook function written with a keyboard hook and a mouse hook. Function: locks all processes on the desktop, leaving only F2 to release the lock and uninstall the hook.
Win_HOOK
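- Windows uses an event-driven mechanism; that is, the whole system operates by passing messages. Hooks are a very important system interface in Windows: a hook can intercept and process messages sent to other applications, providing functionality that ordinary applications find hard to implement. Hooks can monitor all kinds of event messages in the system or in a process, intercepting messages bound for a target window and processing them. We can install custom hooks in the system to watch for specific events and perform specific functions, such as intercepting keyboard and mouse input, on-screen word capture, log monitoring and so on. Hooks clearly enable many special and useful functions. Therefore, for advanced programmers, mastering the programming methods of hooks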
KillME
- Process anti-kill: hooks the messages sent by taskmsg.
1-101120231449
- Prevents process creation using a hook; written in C; simple but powerful.
Speed_Kill
- Hook programming: intercepts keystroke information; when a special key is pressed, it immediately terminates the process the user configured at the start.
YYLrc
- YY lyrics assistant with an automatic-rename hook; uses a system hook to select the output window and inter-process communication to output the lyrics.
HookAPI
- A recommended collection of HOOK API example source code for Windows, covering networking, the registry, files, dialog boxes, processes and more. These are hook examples commonly used in programming and can be kept as reference material for later use.
HOOK_Process32Next
- .版本 2 HOOK_Process32Next.停止Hook () 返回值 = api_Process32Next (hSnapshot, lppe) 原进程名 = 指针到文本 (lppe + 36) 实际应用中 换用效率高的代码 输出调试文本 (原进程名) 新进程名 = “yinkirby” 写到内存 (新进程名, lppe + 36, ) 实际应用中 换用效率高的代码 HOOK_Process32Next.开始Hook () 返回 (返回值) -.
60857157FindWnd
- Source code that hooks system kernel calls at the driver layer to intercept operations on processes; provides a 7-step tutorial that proceeds step by step to teach driver programming.
jjjgff
- A driver that protects its own process so that others cannot terminate it. Heh, pretty good. Uses hook technology.
debugtool
- Hook, kernel memory read/write, process hiding, disassembly, sending e-mail. Please contact the author: wangjinrong_123@126.com
PS-Protect
- Protects a process from being terminated by Task Manager (VB hook).
HookRPM
- Injects a managed assembly into a process (Hook ReadProcessMemory API) (C# source code).
HookSwapContext
- Enumerates hidden processes by hooking KiSwapContext.
HookSSDTShadow
- Hook SSDT shadow sample: first finds the csrss process and attaches to it, then modifies the SSDT shadow table.
QQProtoTool
- qq2009 protocol analysis tool: injects into the QQ process, hooks the socket and then decrypts the protocol. A good tool for learning the QQ protocol.
Ring0levelprocessprotection
- Design and implementation of a Ring0-level process protection component based on hook technology.