Search resource list
FU_Rootkit.zip
- Rootkit tool that can hide processes and drivers
rk_044
- NT Rootkit
Open Ports v1.2
- A tool similar to fport, but one that can also show ports hidden by a rootkit
Open Handle v1.0
- Open Handle as a part of Hacker Defender rootkit
byshell067beta2&src
- byshell v0.67 beta2, a ring3 NT rootkit currently in testing.
hideme
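- Rootkit used to hide processes; it hides them completely at the lowest level of the system (they cannot be seen with Process32First and the like). It originally came from www.rootkit.com; I modified it and abstracted out a hideme function. Just call it in your program. It also needs the support of a sys file, which I have included. But some antivirus software may take it for a virus!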
RootKit
- A brief introduction to rootkits, covering how they are written and detected on Unix and Windows, and the future outlook for rootkits
Rootkit-V0.1
- Source code of a rootkit that uses various SSDT hooks and inline hooks and can evade detection by most tools
07670268VipShell-rootkit-module
- small rootkit, just for fun and study.
RootKit
- Rootkit detection based on the thread scheduling linked list; detection runs in kernel mode using the thread list
kssd-rootkit
- Kanxue Academy rootkit study notes. 1. Kernel hooks: there are many hooks in ring3 and many on the path from ring3 to ring0; following the successive stages of an API call, every stage offers a chance to hook: int 2e or sysenter hook, SSDT hook, inline hook, IRP hook, object hook, IDT hook
rootkit
- Principles and methods of new rootkit forensics techniques; design and implementation of new rootkit forensics techniques
BIOS-Rootkit
- This article describes the design process of a simple BIOS rootkit
agony-rootkit
- This is the agony rootkit source code.
A-Journey-to-the-Center-of-the-Rustock.B-Rootkit.
- A Journey to the Center of the Rustock.B Rootkit
rootkit-master
- mnps is a Linux rootkit that hides processes, files and its own module.
the_flying_circus
- One of the best rootkit source codes for MacOS, supporting the 10.x platform.
HideProcess
- Kernel-level thread-hiding rootkit, written in VC
knark-2.4.3
- A rootkit tool for the Linux platform that can hide files, processes, networks and modules.