Search resource list
Realization-of-GetModuleHandle
- Implements the functionality of the system function GetModuleHandle() by parsing the PEB. The PEB and TEB are also described, for reference.
Anti-Loader
- Anti-Loader example: PEB (detection using the TEB); FindWindow (detection by looking up a window handle); IsDebuggerPresent (detection using IsDebuggerPresent); Parent (checks the parent process); STARTUPINFO (checks the STARTUPINFO structure).
dump_PEB
- Dumps the PEB (Process Environment Block) information.
JiurlPebSee
- JiurlPebSee: a PEB viewer written by the highly skilled developer Jiurl; a useful tool for low-level development.
11912871HideModule(PEB)
- Hides a DLL module from the process manager's display, although it can still be displayed in IceSword.
src
- Tests whether the program is running in a virtual machine. Detection takes three approaches: 1. the registry; 2. reading the PEB; 3. detection using the IDT.
KernelSearch
- Brute-force and PEB-based search for the kernel base address, written in C with inline assembly; suitable for beginners to learn from.
PEB-Protect
- Detects the modules loaded by a program by traversing its PEB and promptly alerts when an anomaly is found.