搜索资源列表
HOOK.rar
- CALL 函数```明文发包`````````````````学封包的``可以学习下,CALL function `` `contract expressly ````````````````` learning packet `` can learn under
201031710519
- 锁定鼠标和键盘 采用钩子函数编写 可控制锁定时间 这是小弟自学钩子的成果 希望对各位有帮助 -Lock mouse and keyboard hook function with the preparation time can be controlled locking hook which is the little brother learning the results you want to help
HookCode
- VC++写的APIHook实例源代码,大致翻了一下,只挂引入表的函数,注入有SetWindowHookEx和CreateRemoteThread两种方式,进程枚举也区分了不同系统下使用的psai和toolhelp,另外为了获得Process的创建消息,做了一个驱动来注册回调函数,总的来说,在注入部分做得相当棒,如果想挂各种函数,可以结合detour使用。-VC++ to write the source code examples APIHook generally turned a bit,
IATHook_dll
- this is a simple IAT Hook Dll , whick hooks function send in ws2_32.d-this is a simple IAT Hook Dll , whick hooks function send in ws2_32.dll
webbrowser
- 网页自动操作示例程序,通过程序自动判断网页的内容,然后对网页进行操作,例子实现的是一个古老的网页游戏的外挂功能-Page automatic sample application, through the program automatically determine the content of the page, and then operate on the page, example implementation is an old plug-function web games
MSP430F54xx_UCOSII
- 适用MCU: TI MSP430 5XX 适用ucos-ii版本:2.86 编译环境:IAR4.11B 主要的工作: 在MICRIUM网站上430移植代码的基础上进行了修改:5XX系列PC寄存器为20位,堆栈的宽度仍为16位,因此在对PC和SR的压栈处理上做了修改;另外在汇编程序里调用HOOK函数的CALL XXX 改成 CALLA XXX -Applicable MCU: TI MSP430 5XX applicable ucos-ii version: 2.86 bui
testKeyMouse
- 用c#开发的鼠标键盘操作记录器,使用经典的Hook函数,后续会利用这个记录器再推出SendInput与之配合-C# development using the mouse keyboard recorder, to use the classic Hook function, follow-up will use the recorder to re-introduce a complementary SendInput
APIHook
- 勾了系统函数,可以修改API函数返回值以隐藏进程-Hook a system function, you can modify the return value of API functions to hide the process of
D3D_Starterkit_v3.0b
- D3D HOOK模块,可用于制作DX类游戏的外挂,如透视等效果,支持DX8,DX9游戏,用法是将D3D8或D3D9文件夹里的d3d9dev.cpp,d3d9int.cpp,d3d9tex.cpp中的函数内容修改后编译生成DLL,再编译Injector注入,编译环境最好用VS.NET2003,有相应DX SDK,注入器必须用自带的Injector,否则可能没有效果。-D3D HOOK module, can be used to create plug-DX games, such as the
ProtectMon
- 驱动开发,根据PID保护进程,HOOK了 SSDT NtOpenProcess函数,至少可以抵御一切R3病毒终结你的进程!!适合新手学习HOOK ssdt的入门研究-Driven development, the protection under the PID process, HOOK the SSDT NtOpenProcess function, at least the end of you against all the process of virus R3!! Suitabl
aodv_rrep
- 生成kaodv内核模块, 在内核Netfilter注册钩子函数 ,然后对数据包和 控制包进行不同的处理,并根据包中携带的信息更新对应的路由表。-Generate kaodv kernel module in kernel Netfilter hook function registered, then the data packets and control packets different treatment, and the information carried in accordanc
Tren
- 魔兽游戏里踢人 我们HOOK Send函数。如果我们和某个玩家私聊,假设输入7720668,那么肯定可以在pBuffer中搜索到这个字符串,然后我们关闭相应的socket即可实现T人了。(这里也说明了:只有主机才可以T人。因为通过伪造TCP、SYN、ACK数据包来实现,几乎不可能) -World of Warcraft game kicking us HOOK Send function. If we whisper a player, assuming that the input 7
PE
- 基本的驱动编程和客户端,客户端分析PE文件,重定位后,传给驱动,恢复被360 Hook的KifastCallEntry函数,同时,该源码还能实现对大多数安全软件进行强杀,如卡巴,360,瑞星,等等。仅限XP系统。-Basic programming and client-driven, client-side analysis PE file, re-positioning, passing drivers, restore 360 Hook' s KifastCallEntry func
KeyBoardFilterDriver
- 该代码的功能是设置键盘钩子,记录键盘操作记录,包括键盘扫描码。-the function of this code is setting keyboard hooking and keeping the log of keyboard operation,the scan code is also included in it.
apihook
- Hook到记事本的MessageBoxW函数 打开旧的记事本新输入几个字符,按新建就会看到HOOK的效果-Hook into Notepad MessageBoxW function of the old Notepad to open the importation of several new characters, according to a new you will see the effect HOOK
PEHOOK
- 可以实现PE HOOK。这种方法对于拦截、分析其他内核驱动的函数调用来说用的比较多。原理是根据替换 PE 格式导出表中的相应函数来实现的。 -Can achieve PE HOOK. This method for the interception, analysis of other core-driven function call is used more. The principle is based on PE format to export table to replace t
Movay_War3
- MovayWar3用全局钩子实现了改键的功能,该程序是用在魔兽3中改键的-MovayWar3 hook with the realization of the overall function of the change button, the program is changed in the Warcraft 3 keys
InlineHook
- 用全局钩子注入,用5字节跳转HOOK了封包发送接收的几个函数-With the overall hook implantation, with 5 bytes of the packet sent Jump HOOK received several function
NtQuerySystemInformation
- 这是介绍如何在Windows驱动层 HOOK NtQuerySystemInformation内核 函数的文章。 这篇文章超级详细的介绍了这个函数的每一个参数以及用法。-This is how the Windows kernel function driver layer HOOK NtQuerySystemInformation article. This article describes the super-detailed each parameter of this function
killhs
- 通过 HOOK PsCreateSystemThread 监控线程,入口函数特征码对比来过hs防护软件的保护,asm源码非常不错-HOOK PsCreateSystemThread through the monitoring thread, imported function signature hs been compared to the protection of protective software, asm source code is very good