搜索资源列表
zhuoran
- 主要通过hook ssdt api 进行驱动保护 -Mainly driven by hook ssdt api protection
registry-monitor
- windows注册表监控源码。Ring0级中HOOKSSDT实现。-Windows registry monitoring source. The level Ring0 hook SSDT achieve.
Driver Loader/Unloader Example Source Code
- self explantator winddk needed
Hook_SSDT_NtOpenProcess
- Hook SSDT NtOpenProcess,驱动实现Hook内核函数。- Hook SSDT NtOpenProcess, drive to achieve Hook kernel function.
HOOKSSDTPROCESS
- HOOK SSDT进程保护用户层的无法关闭 -HOOK SSDT process layer to protect the user can not close
SSDThooksample
- 比较流行的 hook ssdt技术 系统内核钩子-Hook ssdt more popular hook-core technology systems
SSDThooksample
- 比较流行的 hook ssdt技术 系统内核钩子-Hook ssdt more popular hook-core technology systems
HookShadowSSDT
- hook shadow ssdt keylogger - sth like regin code
ssdt_hook
- ssdt完整稳定源码,第一个例子HOOK了ZwSetInformationFile保护test.txt文件不被删除 第二个例子HOOK了NtOpenProcess保护PID大于1000的进程不被结束-ssdt complete stable source, ssdt complete stable source, ssdt complete stable source
[3-4]SSDTHookUnhook
- C++下64位系统的HOOK SSDT内核源码 VS2013 wdk8.1编辑-C++ 64-bit system HOOK SSDT kernel source VS2013 wdk8.1 editor