Search resource list
shared memory in DLLs
- Shares variables in a DLL, allowing multiple programs to share one program.
Process viewer source code
- Memory process/module viewer (with source code). Posted from: Security Focus (安全焦点) (April 16, 2001, 11:50:22) Process ... PS.exe (executable), PSAPI.dll (dynamic link library for NT4),
[delphi]MemDll_unit_example
- MemDll unit example: runs a DLL in memory. Good!
sysmon
- Defines the DLL exported functions, used to check system state; if CPU or memory usage is normal, an error is returned.
SharedDll
- This program is my attempt at code that uses a DLL shared memory segment. When multiple programs call the DLL, the DLL creates a memory block that all of those programs can access, which can be used for inter-process communication and control.
EnTeHandle_1
- EnTeHandle lets you view the handles opened by the current process. Handles can be files, events, mutex semaphores, and so on. In addition, you can view the DLLs the process currently has open, thread information, process memory, and even dynamic updates. You can also search for DLLs and handles.
DynamicDllLoading_demo
- A simple example of a class for dynamically loading a DLL. Only 2 virtual functions are important in this class: Create() and Destroy(). The Create() function returns TRUE if the DLL is loaded correctly and an instance handle obta
DllPatch
- DLL memory patch: locates a DLL module in a process and modifies memory at an offset relative to that module's base address, a step beyond the common process memory patch.
Runadllinmem
- Collected source code that can run a DLL directly in memory.
romdll
- Reads a DLL into memory and then runs it. It may be flagged by antivirus; after packing there should be no problem.
processhacker
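- Process viewing tool for viewing and manipulating processes. Its most basic features include: * View, terminate, suspend and resume processes * Restart processes, create dump files, detach from any debugger, view heaps, inject DLLs, etc. * View detailed process information, statistics, and performance information * View, terminate, suspend and resume threads * View detailed token information, including modifying it (privileges) * View and unload modules * View memory regions * View environment variables * View and close handles * View, control and edit services * View and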
dllzhuru
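- Remote DLL injection technique - Remote DLL injection is a technique currently in wide use by Win32 viruses. The body of a virus that uses this technique usually resides in a DLL; at system startup, an EXE program loads this DLL into certain system processes (such as Explorer.exe) to run. As a result, an ordinary process manager has difficulty detecting the virus, and even once it is found it is hard to remove: as long as the process the virus lives in keeps running, the DLL is not unloaded from memory, and the user cannot delete the DLL file in Explorer, truly killing two birds with one stone.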
ModuleRun
- Runs a program free of the file mapping; once running, any operation can be performed on the program, including deleting it, while the code stays in memory. Uses rundll32.exe to load the DLL, then the DLL reloads itself and calls FreeLibrary on the originally loaded copy to detach from the mapping.
SearchFunAddr
- Some small programs for finding the in-memory address of a specific function in a specific DLL.
DELPHI-system-process-viewer
- Focuses on how to get all of the system's processes and the module files (such as EXE and DLL files) each process calls while running, and describes specific methods for terminating a process and viewing a process's memory usage.
MemoryLoadDll
- Loads a DLL from memory and calls it.
