搜索资源列表
Delphi-hide-porcess
- Delphi下真正隐藏进程的代码,由VC的代码转成D的,不是采用hook的方法实现的,真正从物理内存中去隐藏,绝大部分进程查看器找不着,效果不错-Delphi genuine process of hidden code, the code by VC D conversion. instead of using the hook method, and from physical memory to conceal most of the process viewer could not fi
XWPE
- 这是截包和发包的小工具(用到ws_32.dll和hook技术、共享内存。。),其中SendUdp.dll本来想用delphi写的因为vc++指针操作快,-This is the cut-off delivery of the package and small tools (used ws_32.dll hook and technology, shared memory. .) , SendUdp.dll which had wanted to use delphi write because
HookWriteProcessMemory
- 通过hook的方式的方式来写内存的例子:通常这一技术使用在外挂和内存注册机中,对初学hook的朋友有一定价值-hook through the modalities of the way to write the memory examples : Typically, the technology used in store and memory RI, on the hook when a friend has a certain value
leakfree
- 以malloc hook的方式检测内存泄漏的工具 -malloc hook to the memory leak detection tools
Api Hook和封包拦截技术
- const WM_UNSUBCLASS = WM_USER + 2001 //卸载子类化消息 WM_SENDDATA = WM_USER + 2003 //收到要发送新数据包的消息 type PMyDLLVar = ^TMyDLLVar //用来共享的内存数据结构 TMyDLLVar = record SubClass: Boolean //是否已经子类化 HookWindow, SpyWindow: LongWORD //要安装HOOK的窗口及用于接收消息的窗口 hHook: LongWORD
HOOKneicunduxie
- HOOK内存读写,.版本 2 .支持库 eAPI .程序集 窗口程序集1 .子程序 __启动窗口_创建完毕 -HOOK memory read and write. Version 2. Support library eAPI. An assembly window assembly 1. Subroutines _ __ launch window has been created
delphi-hook-readwrite
- delphi hook内存读写,可以拦截其他程序的读写操作以及读写数据,比如有些外挂可以用此工具找出他对游戏的具体操作,从而自己可以写一个功能和他一样的外挂出来-delphi hook memory read and write, can intercept and read and write operations of other programs to read and write data, for example, some plug-in can use this tool to f
VB
- 获得句柄容易,用GetCursorPos和WindowFromPoint就可以,但截获消息有点难,因为不在一个内存地址空间里。 用钩子 全局鼠标钩子。 -Get a handle easily, with GetCursorPos and WindowFromPoint can, but intercepted the message a bit difficult, because not a memory address space. Global mouse hook with
fighter9-29
- 程序的作用是在桌面生成一个会移动会开炮的icon,当它探测到面前有移动物体时就开炮,炮弹会把桌面炸开。一个简单的小程序,用到了API,钩子,内存映射。-The role of procedures in the Desktop Mobile will generate a fire will be the icon, when it is to detect moving objects before them on fire, artillery explosion will be the d
source_delete_new
- 解决内存泄露的源代码,重载了NEW DELETE 函数,通过获取指针的钩子,截获内存泄露的元凶-Solve the memory leak of source code, overloading the NEW DELETE function, through access to the hook pointer, memory leak intercepted the culprit
hook
- VBAPIHooker - API拦截类(这是主角,它需要用到以下三个类) VBMemoryAllocator - 内存分配管理类 VBPEFnLocator - PE文件导入/导出函数定位类 VBMiniWindow - 迷你消息窗口类-VBAPIHooker- API interception type (which is the main character, it needs to use the following three categories) VB
HookProcessMemory
- hook read/write process memory 本程序可以监视一些进程外的内存操作行为。可以用来分析某些内存修改器,内存补丁的动作。 附上VC6源代码,hookapi核心部分用的使用detours库,不懂可以baidu一下 作者:毕飞-hook read/write process memory of the program can monitor the operation of some process of memory behavior. Can b
NtOpenProcess
- Hook legal para aprender NtOpenProcess[Inline Hook]
55555
- 内存读取 基址 HOOK钩子 舞林外传代码舞林外传代码-Memory base address read HOOK hook code dance dance Lin Lin rumor rumored code
object-hook
- 信息隐藏亮点之一: 将rootkit作为资源隐藏于用户模式程序之中 亮点之二: 将这个用户程序代码作为生成密钥的引子,可以有效地防止逆向后,隐藏信息被纰漏,因为只有逆向后生成的 代码,跟原作者的代码丝毫不差,将来才能打开其隐藏至深的下载者链接及代码。 亮点之三:用一个固定的KEY,通过某种运算,产生出1024个密钥组成的数组。 然后用这个密钥组与用户代码进行运算,最终生成一个4字节的解码KEY。 利用解码KEY,在从加载到内存的驱动中,找出隐藏在其资源中的那份肮脏的 下载
SYSENTER-hook
- SYSENETER是一条汇编指令,它是在Pentium® II 处理器及以上处理器中提供的,是快速系统调用的一部分。SYSENTER/SYSEXIT这对指令专门 用于实现快速调用。在这之前是采用INT 0x2E来实现的。INT 0x2E在系统调用的时候,需要进行栈切换的工作。由于Interrupt/Exception Handler的 调用都是通过 call/trap/task这一类的gate来实现的,这种方式会进行栈切换,并且系统栈的地址等信息由TSS提供。这种方式可能会引起多
inlinehook_v1.1_by_solosky
- Inline HOOK API V1.1 thanks to 海风月影, xIkUg ,sucsor by solosky <solosky772@qq.com> created at 2011.06.29, updated at 2011.06.30 ---------------------------------- Inline HOOK API V1.1 2011.06.30 ----------------------------
Test
- 测试工程,注入外部dll,实现内存页面异常hook-memory access exception
PCIdemo_backup2015_5_13
- 基于RTX8.1,实现PCI板卡查找,中断挂接,内存读写操作,以及WIN32与RTX共享内存操作-Based RTX8.1, achieve PCI card search, interrupt hook, memory read and write operations, and WIN32 with RTX shared memory operations
微信
- PC微信内存操作 收发文字消息 图片消息 转账消息 邀请进群 自动同意好友申请 转账提示 wxid提取 邀请进群 直接、连接(PC WeChat memory operation, send and receive text messages, picture messages, transfer messages, invite groups to automatically agree with friends, apply for transfer, promp