搜索资源列表
NtQuerySystemInformation
- 这是介绍如何在Windows驱动层 HOOK NtQuerySystemInformation内核 函数的文章。 这篇文章超级详细的介绍了这个函数的每一个参数以及用法。-This is how the Windows kernel function driver layer HOOK NtQuerySystemInformation article. This article describes the super-detailed each parameter of this function
kernelspyfiles
- 内核模式的API间谍- 我们将扩大我们的模式,内核模式从事间谍活动,并钩的API调用这是由我们的目标设备驱动程序。 我们还将推出一个全新的沟通方式之间的内核模式驱动程序和用户模式应用-而不是使用系统服务,我们将执行我们自己的小型版本的异步过程调用。 -Kernel-mode API spying- We will expand our model, kernel-mode engaged in espionage activities, and hook the API call it is
KernelHook
- Example of kernel hook (MS Visual Studio 2005) of system call NtOpenProcess to prevent opening process from user mode
Hook
- 本文从难易程度上主要分三块详细介绍:一.用户模式Hook:IAT-hook,Dll-inject 二.内核模式Hook:ssdt-hook,idt-hook,int 2e/sysenter-hook 三.Inline Function Hook -In this paper, Difficulty Level 3 detail the main points: 1. User Mode Hook: IAT-hook, Dll-inject 2. Kernel-mode Hook: ssdt-ho
ZwOpenProcessHook
- ZwOpenProcess SSDT Hook test to catch open process information. Compile it with Meerkat Advanced kernel mode driver GUI for KmdKit4D. Link: http://www.mediafire.com/?hbhjorv8797k2-ZwOpenProcess SSDT Hook test to catch open process information.
easyhook-71015
- EasyHook starts where Microsoft Detours ends. This project supports extending (hooking) unmanaged code (APIs) with pure managed ones, from within a fully managed environment like C# using Windows 2000 SP4 and later, including Windows XP x64, Window