搜索资源列表
httpdisk-5.zip
- HttpDisk is a virtual disk driver for Windows that uses HTTP to mount disk or CD/DVD images from a web server. It is also a demonstration on how to do network communication from kernel mode on Windows using the TDI interface.,HttpDisk is a virtual di
kernel-reload
- 这份是重载内核,知道重载内核能干什么了,基本所有的ssdt和shadow ssdt都能恢复,神马hook之类的弱爆了-This is overloaded kernel know to reload the kernel can do the basic the all ssdt and shadow ssdt, will recover, of Shenma hook like a weak burst
RegDriver
- Ring0级操作注册表!在驱动开发中,经常会用到对注册表的操作,与Win32的API不同,DDK提供另外一套对注册表操作的相关函数,本代码给出了内核模式下对注册表的所有操作实例!-Ring0 registry class operation! At driver development, often used for the operation of the registry with Win32' s API different, DDK provide another set of r
Windows
- 本书非常适合熟悉Windows应用编程的读者转向驱动开发。所有的内容都从最基础的编程方法入手。介绍相关的内核API,然后举出示范的例子。这本书只有不到70页,是一本非常精简的小册子。所以它并不直接指导读者开发某种特定类型的驱动程序。而是起到一个入门指导的作用。-This book is very familiar with the Windows application programming for the development of readers turn to drive. All o
DiskMon
- DiskMon运行在NT4上才加载驱动,在W2k以上平台其使用kernel event tracing实现磁盘活动的监视, 但其驱动可以跑在W2k/XP/2K3/Vista上 该驱动Hook了disk的driver dispatch例程,不仅可以监视磁盘活动,稍微改下还能拦截、修改上层对磁盘的读写, 很容易就可以搞个什么 基于Disk的 -DiskMon only run on NT4 load on the drive, more than W2k platform in i
Windows_Kernel_Security_Programme
- 这是《寒江独钓——Windows内核安全编程》配书光盘,源码包括:Windows串口与键盘过滤驱动、Windows虚拟存储设备与存储设备过滤驱动、Windows文件系统过滤驱动、文件系统透明加密/解密驱动、Windows各类网络驱动(包括TDI过滤驱动及3类NDIS驱动),以及最新的WDF驱动开发模型-This is the " Snowy River fishing alone- Windows kernel security programming" book with C
cp-kernel-5.doc.tar
- linux-kernel 的学习手册页 -fjkladsjfklasdjkfl sadjkf jsaf
DriverFirewall
- 一个支持 windows xp 的驱动防火墙的源代码,用来监视系统内核驱动的加载。-Windows xp driver to support a firewall source code, used to monitor the loading of kernel drivers.
file_encrypt_decrypt
- 《寒江独钓——Windows内核安全编程》中文件系统透明加解密一章所对应的源代码,对于指定的进程所对应的文件进行加解密-" Trees and fishing alone- Windows kernel security programming" in the file system transparently encrypt and decrypt a chapter corresponding source code, for the process specified
delphi_PspTerminateProcess
- delphi版内核调用PspTerminateProcess杀进程源码,在ring3下搜索PspTerminateProcess地址,传给ring0,然后在ring0下调用。-delphi kernel call PspTerminateProcess kill the process, source code, in the next ring3 search PspTerminateProcess address, passed ring0, and then ring0 invoked.
KeyBoardLog
- 内核*工具,完美截取XX宝等密码,好用,使用-Kernel keylogger tool, a perfect treasure such as interception XX password, easy to use, use the
InlineHookScan
- 驱动层搜索内连HOOK,查看SSDT中的内核函数的开头是否被内连HOOK-Search within driving layer with HOOK, see SSDT in the beginning of the kernel function is to be in with HOOK
phunter
- Open Source Utility for detecting hidden processes that is working in the kernel and have more than 12 ways for detecting hidden processes, actual engine written in C and the user interface & some other stuff written in Delphi.
KSM.2010.03.22
- kernel Socket Module
Nt-kernel-method
- nt内核函数,包含了常用的nt内核函数名及功能,适合内核及驱动编程人员参考。-nt kernel functions, including a common kernel function name and function of nt, for the kernel and driver programmers reference.
win-kernel-programming-code
- 寒江独钓-Windows内核安全编程所有源代码-Painting by all-Windows kernel security programming source code
Kernel-programming
- 由汇编到内核编程,很不错的教程,建议阅读,有前人开发的心得体会-By the assembly to the kernel programming, very good tutorial, recommended reading, the development of feelings and experiences with previous
App-kernel-soft
- 本源码学习要点:普通应用程序如何与内核驱动通讯。 主要功能:实现了禁止打开某个程序和禁止非法关闭某个程序。 注意事项:本程序只在Windows XP下测试过。-The source learning points: how applications communicate with the kernel driver. Main features: Do not open a program and the prohibition of illegal closure of a prog
App-kernel-soft
- 本源码学习要点:普通应用程序如何与内核驱动通讯。 主要功能:实现了禁止打开某个程序和禁止非法关闭某个程序。 注意事项:本程序只在Windows XP下测试过。-The source learning points: how applications communicate with the kernel driver. Main features: Do not open a program and the prohibition of illegal closure of a prog
Windows内核源码详尽分析
- 根据内核源码的分析文档,word 文档.(windows kernel source analyze)