Search resource list
direct-IO-disk-
- Source code for reading and writing the hard disk directly, including RING0 and RING3 code.
Ring0MessageBox_Src
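- An example of the driver layer actively initiating communication with the application layer (Ring0MessageBox, from ring0 to ring3); requires some driver background.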
Coolvibes
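- A remote-control tool developed in Delphi by a Spanish author; tested and compiles. The package includes the madCollection components. This remote-control tool has not been processed for antivirus evasion and is for learning purposes; it works at the ring3 level, whereas more professional remote-control tools work at the ring0 level. Everyone is welcome to study and exchange knowledge about remote control.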
kssd-rootkit
- Rootkit study from Kanxue Academy. 1. Kernel hooks: there are many hooks within ring3 and many from ring3 to ring0. Following the successive stages of an API call, every stage offers a chance to hook: int 2e or sysenter hook, SSDT hook, inline hook, IRP hook, object hook, IDT hook.
avscan
- MiniFilter framework source code for antivirus software, including the ring3 application and the ring0 driver.
a
- The asm is to load a ring3 DLL from ring0. I think it is good! Hope you do too!
SSDT
- The SSDT viewed from inside and outside the city walls: between ring3 and ring0.
qudongzhongdeneiheguanli
- Detailed notes on kernel memory management in drivers, including usage: physical memory; B. virtual memory; C. Ring0 addresses and Ring3 addresses; D. the relationship between drivers and processes; E. paged and non-paged memory; F. allocating kernel memory.
srccode
- An example of ring0 and ring3 interaction using the DeviceIoControl function; it needs no further explanation.
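Enumerating processes via the global handle table (x64 supported)
- Uses communication between ring3 and ring0 to walk the kernel's global handle table and enumerate processes, with detection and handling of zombie processes. Supports x86 and x64.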
DeviceControl
- Communication between ring3 and ring0, to go with the earlier Shadow hook! Simple and clear.
[7-2]EnumRemoveImageNotify
- Enumerate and remove image-load callbacks; image-load callbacks can intercept image loading in both RING3 and RING0.
user
- Communication between user mode and kernel mode, that is, between ring3 and ring0 of the Windows kernel.
sedirected
- Code for switching from ring3 to ring0.
excedtion_hardware
- A method of entering the Ring0 layer from the Ring3 layer on Windows 2000/XP; it works reasonably well.
rinp3_The
- Code for switching from ring3 to ring0.
cide
- Code for switching from ring3 to ring0.
kigd
- A method of entering the Ring0 layer from the Ring3 layer on Windows 2000/XP; it works reasonably well.
riea3-The-Switch
- Code for switching from ring3 to ring0.