Search resource list
JiurlPebSee
- A program written by jiurl for viewing the PEB; useful as a reference.
EnumPeb
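- On earlier operating systems a process's PEB was a fixed value, but this changed after XP. This program obtains the PEB of different processes dynamically on each version, which effectively solves the hard-coding problem. Once you have the PEB, you can get the process's command-line arguments; from the command-line arguments you know which file the process has opened, and by then sending WM_CLOSE to that process you can close the file it has open. Pretty neat, but only the method of obtaining the PEB dynamically is covered here.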
basic_v2.1
- Basic hack v2.1 by xgx - http://www.ring0.donster.de/ Features: - Smooth Vector Aimbot - Full ESP ( Namen,Weapon,Distance,Visible,Far) - polymorph,peb hiding to prevent VAC detection
HideModule(PEB).rar
- Written in VC: hides a module at the application layer by modifying the module list in the PEB structure.
MyHider
- A sample driver that hides a process, hides process modules by modifying the PEB, and hides process modules by modifying the VAD tree. Well commented and suitable for beginners.
SOME-function
- Basic process operations and registry operations: privilege elevation, querying and manipulating a process's PEB, process enumeration, and example functions for all common registry uses.
ModifyPEB
- Modifies the program's PEB; may be able to get past a firewall.
baseaddrbypeb
- This is an example of how to get the base address of a module in a process via the process PEB.
hidedll
- These are two functions that can be used to hide your just-loaded DLL from the process PEB. Use one or the other.
TEBPEB
- Enumerates the list of user modules in the current process space via the TEB/PEB.
WriteMemory
- Complete implementation of memory reading and writing. Usage of the functions for obtaining process PEB information.
EPROCESSPEB
- Thoroughly changes the process name in both EPROCESS and the PEB.
TEBaPEB
- An example about the TEB and PEB in Windows
Hooking-DLLs-using-PEB
- Hooking DLLs using PEB
src105
- Tests whether the program is running in a virtual machine. Detection uses three approaches: 1. the registry; 2. reading the PEB; 3. the IDT.