搜索资源列表
驱动级隐藏进程
- 驱动级隐藏进程代码,SSDT HOOK
获取进程启动和结束的时间
- 获取进程启动时间和结束时间
驱动Kill进程源代码
- 可以Kill系统的任何一个进程的驱动源代码
RING0.RING0下检测用HOOK SSDT隐藏进程的代码
- RING0下检测用HOOK SSDT隐藏进程的代码,直接build,适用于XP,2000系统。短小实用。,RING0 detect hidden process by HOOK SSDT code directly build, apply to XP, 2000 systems. Short and practical.
KillProcess 驱动级进程技术源码 XP 32下稳定
- 驱动级进程技术源码 XP 32下稳定 可以结束微点杀毒软件进程-Drive-level process technology, stable source XP 32-point anti-virus software can end the process of micro-
隐藏 文件和进程 的驱动代码
- 隐藏 文件和进程 的驱动代码,Hidden files and process-driven code
DriverEndProcess.rar
- 使用驱动技术可以关闭任意指定进程提升应用程序权限,The use of drive technology can shut down any process of upgrading applications designated authority
HideDriver_source.rar
- 在驱动下实现进程隐藏,在驱动下实现进程隐藏.,在驱动下实现进程隐藏,在驱动下实现进程隐藏.
wsHideDLL.zip
- Dll进程注入 一种简单的方法隐藏进程 在dll中运行代码,The simplest ways to hide a process is to have no process Basically what you need to do is place your meaningful code in a DLL, inject that DLL in an inconspicuous process (like Explorer.exe) and run your code. This can
xpHIDEpROCESS.rar
- 用驱动隐藏指定进程,用任务管理器和360看不到,Specify the process used to hide drives, using Task Manager and 360 can not see
UpLoad
- 驱动枚举进程,控制线程AFFINITY,通过修改EPROCESS,ETHREAD ,KTHREAD 等结构,修改AFFINITY-thread affinity control in windows driver
EnmuProcessByThread
- 用线程枚举系统中的进程,可以用于检测隐藏进程。-Enumeration using threads in the process of the system can be used to detect hidden processes.
Miss920
- Miss920程序行为监视器,运用SSDT HOOK技术,可以简单有效的监控程序行为,现在已经实现了进程监控,文件监控,注册表监控,并且可以有效快捷地进行二次开发。-Miss920 monitor program behavior, the use of SSDT HOOK technology, can be simple and effective monitoring of program behavior, the process has already been realized to
BehaviorProMon
- 程序行为监视器,东辉编写,发表在黑客防线,可以监视进程的文件、注册表、驱动等一系列操作。-Monitor program behavior, Donghui prepared and published in hacker defense, you can monitor the process, file, registry, drivers and a series of operations.
ProtectMon
- 驱动开发,根据PID保护进程,HOOK了 SSDT NtOpenProcess函数,至少可以抵御一切R3病毒终结你的进程!!适合新手学习HOOK ssdt的入门研究-Driven development, the protection under the PID process, HOOK the SSDT NtOpenProcess function, at least the end of you against all the process of virus R3!! Suitabl
Drivehide
- 易语言驱动隐藏进程源码Yi language drive hidden proce-易语言驱动隐藏进程源码Yi language drive hidden process
tcpview_sys
- tcpView驱动源码,能检测到本机的进程的端口连接-the tcpview
DEp0i3Ec
- 进程保护程序,可以保护多个进程,包含测试程序-Process protection program that can protect the multiple processes, including test procedures
MyHider
- 一个用来隐藏进程、通过修改PEB隐藏进程模块、通过修改VAD树隐藏进程模块的示例驱动,注释良好,适合初学者。-A driver for hiding the process and the process modules, with smooth comments.
process
- 驱动级的,进行进程查询的。-Driver class for the process of inquiry.