搜索资源列表
ObjectHook.code
- 内核OBJECT HOOK代码-大家可以-OBJECT HOOK kernel code- everyone can see
SSDT-hook
- Windows内核态SSDT-hook实现进程隐藏和文件隐藏,代码很规整,学习内核编程的好例子 -a good example of studying kernel programing or driver developing, SSDT hook
anti-ssdt
- Windows XP是通过sysenter调用KiFastCallEntry将ntdll.dll的调用切换到内核的。KiFastCallEntry的原理是通过在SSDT中查找函数地址跳转。所以只要伪造一张原始SSDT,就可以使得SSDT-HOOK无效了。-Windows XP by calling KiFastCallEntry sysenter ntdll.dll call will switch to the kernel. KiFastCallEntry SSDT principle i
inlineKiInsertQueueApc
- 内核hook KiInsertQueueApc apc级保护进程-Kernel-level hook KiInsertQueueApc apc protection process
antihook_src
- 创建一个内核驱动,伪造一个ssdt表,使得ssdt钩子失效。-Create a kernel driver, forged a ssdt table, making failure ssdt hook.
arktool
- 1、息钩子监视:列举系统上的消息钩子。 2、块加载监视:列举系统上加载的所有内核模块 3、SSDT监视:通过得到原始的SSDT地址来得到被恶意程序HOOK的API以及恢复SSDT 4、注册表保护:对一些重要的注册表项进行保护,防止恶意程序对其进行修改。 5、隐藏进程检测:检测出系统中隐藏的进程。 6、隐藏端口检测:检测出系统中隐藏的端口。 7、进程强杀:能够*系统中的对自身保护的恶意进程。-1, the interest rate hook monitor
HookOdROBH
- Hook内核API-ObReferenceObjectByHandle,实现进程保护,防止被保护的进程被kill掉(360杀不掉它)。-Hook the kernel API-ObReferenceObjectByHandle, in order to protect process so that the protected process can not be killed by others.
Hook-ZWopenprocess
- 内核开发,主要介绍如何通过SSDT表HOOK函数。-Kernel development, focuses on how the SSDT table HOOK function.
kernel-Inline-Hook-word-doc
- kernel Inline Hook word doc 详谈内核三步走Inline Hook实现-kernel Inline Hook word doc go into the details to achieve core three-step Inline Hook
VB-Del-Kernel-Hook
- VB恢复内核钩子的一个示例工程文件。可以调试。-VB restore a core sample project file hook. For debugging.
Linux-Network-Kernel-Stack
- Linux网络核心堆栈。本文讨论模块编写者如何利用Netfilter hook 来实现任意目的以及如何将将网络通信在基于Libpcap 的应用程序中隐藏。-Linux core of the network stack. This article discusses how to use Netfilter hook module writers to achieve any purpose and how the network communications applications base
debugtool
- hook 内核内存读写 隐藏进程 反汇编 发邮件 请联系作者wangjinrong_123@126.com-hook kernel memory read and write email hidden disassembly process please mail to author: wangjinrong_123@126.com
cgaty
- this a rootkit basic. it hook kernel windows : GDT table. it creates a back door.-this is a rootkit basic. it hook kernel windows : GDT table. it creates a back door.
CPP_KBD_HOOK
- C++开发的键盘钩子模块 分为两个部分,一个是钩子内核程序 一个是钩子的启动程序 值得学习-The keyboard hook module C++ development divided into two parts, one is the hook kernel program is a hook launcher worth learning
hook-kernel-tut-1
- hook kernel tut 1, code in c++, build with wdk
hook-kernel-tut-2
- hook kernel tut 2, code in c++, build with wdk
hook-kernel-tut-4
- hook kernel tut 4, code in c++, build with wdk
hook-kernel-tut-5
- hook kernel tut 5, code in c++, build with wdk
hook-kernel-tut-3
- hook kernel tut 3, code in c++, build with wdk
hook
- windows内核编程,利用底层键盘钩子屏蔽任意按键-windows kernel programming, the use of the underlying keyboard hook shielding any key