Search resource list
BIOS-Rootkit-
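- Starting with the 386, Intel introduced debug registers and hardware breakpoints for debugging. IA-32 processors define 8 debug registers, DR0 through DR7. In 32-bit mode they are all 32 bits wide; in 64-bit mode they are all 64 bits wide. DR4 and DR5 are reserved. The other 6 registers are: four 32-bit debug address registers (DR0 through DR3), one 32-bit debug control register (DR7) and one 32-bit debug status register (DR6). With these registers up to 4 breakpoints can be set; DR0 through DR3 specify the memory (linear address) or I/O address of each breakpoint. DR7 further defines the break conditions of the breakpoints.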
gh0st-3.6
- full source code to gh0st, rootkit for windows
SuperHideDll_Achillis_SrcSource
- Driver-hiding source code; a good reference for studying rootkits, worth downloading and studying.
basic_rootkit
- This is a simple rootkit source file.
wp-stripping-down-av-engine
- wp-stripping-down-av-engine.pdf is very useful for learning about rootkits
XueTr
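- XueTr (XT for short) is a powerful system information viewer and also a powerful manual antivirus tool; it makes it easy to root out viruses and trojans on a computer. It currently supports 32-bit 2000, XP, 2003, Vista, 2008 and Win7 systems. XueTr is a free anti-virus & rootkit utility. It offers you the ability to detect, analyze and fix various kernel structure modifications and gives you a w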
enyelkm.en.v1.1.tar
- ENYELKM rootkit, source code. www.ossec.net/rootkits/enye-sec.php
suckit2priv.tar
- \item{SucKIT} Oct 13, 2005 (2.2.x & 2.4.x kernels) http://packetstormsecurity.org/files/40690/suckit2priv.tar.gz http://packetstormsecurity.org/files/26371/sk-1.3a.tar.gz http://needleseek.msra.cn/result.aspx?query=SucKIT 1. SucKIT ( see[ SUK
portacelo
- Name: Portacelo Version: 0.7 Creation date: 18/11/2002 For kernel version: Unknown Architecture: Unknown Author: Unknown Rootkit type: Appears to be an LKM Code available: Yes, although it appears not to be c
Trojanit.tar
- Linux Rootkit, be careful with this! :-)
Windows_Rootkit
- Very useful material for studying rootkits; helpful for learning about rootkits on Windows.
Simple_rootkit
- A simple rootkit with basic hiding and network communication functions.
HttpProject
- Small web server with a customizable port and logging. Everything is in the rar; could be of use for people who do not want to install or run IIS on a rooted box or want to run a hidden file server; should work well with a rootkit as well.
GdiQueryTable
- Uses the process IDs stored in the GDI handle table to detect whether any process on the system is hidden by a rootkit.
NTIllusion
- NtIllusion: Userland rootkit for windows NT/2000/XP systems. Author: Kdm (Kodmaker@syshell.org)
ROOTKIT
- Rootkit writing: a well-organized, complete framework covering process hiding, file hiding, service hiding, registry hiding, port hiding and more. It covers a variety of hiding methods and is good material for studying rootkits.
1xy7z.ZIP
- Research on combined dynamic rootkit detection technology based on fuzzy pattern recognition and support vector machines.
Designing_BSD_ROOTKIT.pdf
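- Designing BSD Rootkits. This book introduces the fundamentals of programming and developing kernel-mode rootkits under the FreeBSD operating system. Using a "learn by example" approach, I will describe in detail the different techniques rootkits employ, so that you can understand at the lowest level what makes up a rootkit. It should be noted that this book does not contain or analyze any "fully formed" rootkit code. In fact, the book focuses mainly on how to use a technique, not on what the technique is used to do.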
Rootkitahook
- Classic system kernel programming material. Contains classic rootkit source code. It mainly covers how to use hooks to manipulate the kernel.
A-Protect0.2.5
- A-Protect is an open-source anti-rootkit project that detects all kinds of kernel hooks and kernel mechanisms; the first of its kind in China.