搜索资源列表
HookShadowSSDT
- 一个演示如何hook shadow ssdt表的例子。
antihook_src
- 创建一个内核驱动,伪造一个ssdt表,使得ssdt钩子失效。-Create a kernel driver, forged a ssdt table, making failure ssdt hook.
RestoreShadowInUser
- Ring0下恢复SSDT Shadow,在用户端的情况下恢复系统描述表-Under the recovery Ring0 SSDT Shadow, in the case of the client to restore the system descr iption
HookSSDTShadow
- Hook SSDT shadow 示例,首先找到csrss进程然后attach,最后修改ssdt shadow table-Hook SSDT shadow sample, first find the csrss process then attach, last modified ssdt shadow table