搜索资源列表
hookntcontinue
- ring0--hook NtContinue+source_code ring0下面hookNtContinue 使用drx7寄存器实现的hook this code hooks ntoskrnl!NtContinue to set dr7 to 0 (no updating of dr7) so NtContinue called from ring3 cannot alter drX registers... This hook will only PREVENT dr
HookLibrary
- Hook Api Library 0.2 [Ring0&3] By Anskya Email:Anskya@Gmail.com ring3 inline hook For Api Thank: 前29A高手也一直都是我的偶像...z0mbie大牛...这里膜拜一下 使用的LDE32引擎是翻译他老人家的...C->Delphi... 说明: 1.利用堆栈跳转 没有使用传统的jmp xxxx 长跳转,使用容易理解的push xxx
DaMousePrototypeB
- Ring0和Ring3下的Rootkit源代码。很棒。
HookAPI
- Hook CreateFileA ,Ring3下的inline Hook
KeyHook
- 本例子演示了ring3键盘钩子获取q密码。仅用于研究用途!切记!本例子造成一切后果与作者无关。-This example demonstrates ring3 keyboard hook for q password. Only for research purposes! Remember! This example has nothing to do with the author all the consequences caused.
r3_Hook_NtDeviceIoControl
- Ring3挂钩实现网址过滤、重定向——《另类挂钩-RING3数据包监视》-Ring3 linked to achieve URL filtering, redirection- the " alternative hook-RING3 packet monitoring."
hookzwquery
- 用汇编实在Ring3 和 Ring0 下的Inline HooK-It Ring3 and assembly under the Inline HooK Ring0
ring3_inline_hook_demo
- tat hook api 在一个文件中对自身调用的api进行hook的一个例子。-tat hook api in a document of its own hook to call api
MagicAPiHook
- Magic ApiHook Ring3(usermode) hooks
Dll
- 完整的ring3 hook openprocess 包含 VB 調用例子而且非常穩定-Full ring3 hook openprocess includes examples of VB calls and is very stable
AntiHookExec
- Anti Hook from ring3
keymon2008
- * 运用hook 钩子技术,截取到用户的输入-Keylogger hook keyboard ring3 source
MagicApiHook
- Delphi Source Code: === === === === === === === ==== Magic Api Hook Engine v1.0 - Date: 2006.04.24 this is a simple all around process api hooker UserMode(Ring3) just for WinNT family By: Magic_h2001 - magic_h2001@yahoo.com Home: http://m
HooklibEx
- 【源码】ring3 inline 钩子库 HooklibEx-【Source】 ring3 inline hook library HooklibEx
hook-RING3
- 另类挂钩-RING3数据包监视 另类挂钩-RING3数据包监视-Alternative hook-RING3 packet monitoring alternative hook-RING3 packet monitoring
SSDT--11
- SSDT的全稱是System Services Descr iptor Table,系統服務描述符表。這個表就是一個把ring3的Win32 API和ring0的內核API聯繫起來。SSDT並不僅僅只包含一個龐大的位址索引表,它還包含著一些其他有用的資訊,諸如位址索引的基底位址、服務函數個數等。 通過修改此表的函數位址可以對常用windows函數及API進行hook,從而實現對一些關心的系統動作進行過濾、監控的目的。一些HIPS、防毒軟體、系統監控、註冊表監控軟體往往會採用此介面來實現自
SSDT
- 详解系统服务描述符表,即SSDT。作用是把ring3的win32 api和ring0的内核api联系起来-Detailed system service descr iptor table, the SSDT. Role is to the win32 api and ring0 ring3 kernel api link
MsgHook
- Ring3系统消息钩子管理功能的实现,上传CPP以及.H,简单,给需要的人-Ring3 system message hook management functionality, as well as upload CPP. H, simple, to those who need
hooklib
- 一个hooklib,使用distorm解析指令 支持 ring0 & ring3 以及 x86 & amd64 -A hooklib use distorm parsing instructions Support ring 0, & ring3 as well as x86 & amd64
Ring-3-HookApiLib-SharpNo-WriteProcessMemory
- { Ring3 Hook api Demo By Anskya Email: Anskya@Gmail.com www.delphibasics.co.nr //In this example, the phrase "Hello World" is checked and changed to "Goodbye World" }-{ Ring3 Hook api Demo By Anskya