Search resource list
qqdll
- As everyone knows, today's QQ viruses all use hook techniques: create a DLL and then install a global hook, or insert a DLL into the QQ process, then monitor the keyboard or Windows messages to determine whether the user is chatting in QQ and whether the message has already been sent. A QQ tail (QQ尾巴) without a DLL.
VC-system-programming
- Includes: CD-ROM control, CPU and mouse information, USB programming, CPU speed test, keyboard key detection, process listing, mouse hook programming, system information retrieval, registry programming.
HideProcess.rar
- Hook Hidden Process. Using ZwQuerySystemInformation API.
ProcessProtect.rar
- Implements process protection in Ring 0 by hooking the SSDT.
HookCreateProcess.rar
- API hook that hooks CreateProcess, so process creation can be monitored.
HookCode
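- API hook example source code written in VC++. From a quick look through it, it only hooks import-table functions; injection is done in two ways, SetWindowsHookEx and CreateRemoteThread; process enumeration also distinguishes between psapi and toolhelp as used on different systems. In addition, to receive process-creation notifications, it includes a driver that registers a callback function. Overall, the injection part is done quite well; if you want to hook a variety of functions, it can be combined with detour.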
notcloseApi
- A small program that hooks the Windows API so that this program cannot be terminated. Hope it helps you.
KernelHook
- Example of a kernel hook (MS Visual Studio 2005) of the NtOpenProcess system call, to prevent a process from being opened from user mode.
codeinject_pacage
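- A collection of several VC++ code injection programs from different periods. These examples show how to inject code into the address space of a different process and then execute the injected code in that process's context. Three main methods are covered: 1. Windows hooks; 2. the CreateRemoteThread and LoadLibrary technique (inter-process communication); 3. the CreateRemoteThread and WriteProcessMemory technique (how to subclass a remote control with this technique, and when to use this technique).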
SASHook
- SAS Hook: uses remote process injection into winlogon.exe to block the Ctrl+Alt+Del keys. An old work of mine from a few years ago; it does not work on Vista and later systems.
HOOK
- Notes on controlling the keyboard hotkeys of 银证直通车, in the form of Delphi remote thread injection into a system process.
netfilter
- netfilter source code. Put simply, the netfilter architecture places a number of checkpoints (hooks) at several positions along the network path, and registers handler functions at each checkpoint for processing (such as packet filtering, NAT, or even user-defined functionality).
NoKilledProcess
- Original process anti-kill tool, final version. Hooks OpenProcess. Supports XP and Server 2003; does not support NT2000.
InlineHook_PspTerminateProcess
- Inline hook of the unexported function PspTerminateProcess, implemented as a driver; can be used to prevent a process from being closed.
HookAPI
- A comprehensive collection and demonstration of VC++ API hooking, with a lot of content: example source code for various API hooks on Windows, covering network, file, dialog, registry, process and other areas. Recommended for study.
XueTr
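- 1. View process, thread, process module, process window and process memory information; view hotkey information; kill processes, kill threads, unload modules, and similar functions. 2. View kernel driver modules, with support for memory copy of kernel driver modules. 3. View SSDT, Shadow SSDT, FSD, KBD, TCPIP and IDT information, and detect and restore SSDT hooks and inline hooks. 4. Notify Routine information for CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, Lego, etc.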
HOOK-taskmgr
- A simple way to prevent Task Manager from ending a process, in ring 3.
ObRegisterCallbacks-hook-
- This driver is designed to collect metadata about securable objects such as Process, File, Event, and Section objects. The metadata is used to construct a chronological object log which conveys information about object definitions and
hook
- Injects a shared library (lib .so) into a target process on the Android platform.
HOOK
- Global hook that monitors the creation of system processes. A good DLL; source code may not be included.