Resource search results
hook-linux.rar
- System call hijacking under the Linux 2.6 kernel. The code is fairly simple, but still worth using as a reference.
ip_mac_hook
- Uses netfilter on Linux to register a hook in the kernel that implements binding of an IP/MAC list.
kernelspyfiles
- Kernel-mode API spying. We will extend our approach to kernel-mode spying and hook the API calls made by our target device driver. We will also introduce a new way of communicating between a kernel-mode driver and a user-mode application: instead of using system services, we will implement our own small version of asynchronous procedure calls.
KernelHook
- Example of a kernel hook (MS Visual Studio 2005) on the NtOpenProcess system call to prevent processes from being opened from user mode
kernel.txt.tar
- Sometimes, we run into a situation when we badly need to hook some kernel function, but are unable to do it via conventional PE-based hooking. This article explains how kernel functions can be directly hooked. As a sample project, we are going to pre
KernelLookup
- Open-source SSDT hook detection utility. It scans the SSDT entries in the kernel (ntoskrnl.exe) and finds the functions that are hooked and not in the kernel base address range.
HookPE
- An example of hooking ZwCreateFile, a function exported by the Windows kernel. It can be extended from this basis.
XueTr
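- 1. View processes, threads, process modules, process windows and process memory information; view hotkey information; kill processes, kill threads, unload modules, and more. 2. View kernel driver modules, with support for memory copy of kernel driver modules. 3. View SSDT, Shadow SSDT, FSD, KBD, TCPIP and IDT information, and detect and restore SSDT hooks and inline hooks. 4. CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, Lego and other Notify Routine information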
Rootkitahook
- Classic material on system kernel programming. Includes classic rootkit source code. It mainly covers how hooks are used to manipulate the kernel.
kssd-rootkit
- Rootkit study notes from Kanxue Academy. 1. Kernel hooks: there are many hooks within ring3, and many from ring3 to ring0. Following the order in which an API call progresses, every stage offers an opportunity to hook: int 2e or sysenter hook, SSDT hook, inline hook, IRP hook, object hook, IDT hook.
VCPP-driver-Hook-kernel-system-call
- VC++ driver-layer hook of system kernel calls.
easyhook-71015
- EasyHook starts where Microsoft Detours ends. This project supports extending (hooking) unmanaged code (APIs) with pure managed ones, from within a fully managed environment like C# using Windows 2000 SP4 and later, including Windows XP x64, Window
ntoskrnlsZwQuerySystemInformation
- A thorough refinement of hooking ntoskrnl's ZwQuerySystemInformation in the kernel to hide a process name from Task Manager.
InlineEngine
- The InLineHook engine makes it simple to implement inline hooks in the kernel.
DpcStackGrower_Sources
- DPC Stack Grower is a program I wrote some time ago that allows modifying the size of the kernel stack used by the system for servicing "Deferred Procedure Calls" in Windows NT and later. For the reader it can be an example of a quite complex hook ap
rookti
- Popularization and exchange of system kernel knowledge. Contains IATHOOK, EIPHOOK, kernel HOOK and more; worth studying for beginners.
nfs_root
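- Contains four Linux root file systems, in four subdirectories: ① the minimal root file system, fs_mini; ② a minimal root file system using the mdev mechanism, fs_mini_mdev; ③ a root file system containing qtopia graphical programs, fs_qtopia; ④ a root file system containing X Window graphical programs, fs_xwindow. During development, once the kernel on the board has booted, it can mount one of them over NFS and then run the programs in it; when development is complete, the entire root file system directory in use is built into an image file and flashed to the board.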
wfp_example
- WFP packet modification, interception, kernel hook, packet direction detection.