搜索资源列表
JiurlPebSee
- jiurl写的一个查看PEB的程序,有参考价值-jiurl write a check radiotherapy procedures, reference value! !
EnumPeb
- 进程的PEB在以前os上是个定数,但在xp后,有所变化,这个程序可以动态获得各个版本下不同进程的PEB,有效解决硬编码问题。获得了peb,就可以获得进程的命令行参数,获得了命令行参数就知道对应进程打开了什么文件,然后给该进程发送WM_CLOSE,就可以关闭该进程打开的文件了,是不是很神奇,但这里只介绍了动态获得PEB的方法。
basic_v2.1
- Basic hack v2.1 by xgx - http://www.ring0.donster.de/ Features: - Smooth Vector Aimbot - Full ESP ( Namen,Weapon,Distance,Visible,Far) - polymorph,peb hiding to prevent VAC detection
HideModule(PEB).rar
- VC编写的应用层下通修过PEB结构中的模块链来隐藏模块,VC prepared the application layer have been revised under the pass PEB structure module chain to hide modules
Realization-of-GetModuleHandle
- 通过解析PEB实现系统函数GetModuleHandle()的功能。并对PEB和TEB进行描述,可供大家参考。-Achieved by parsing the PEB system function GetModuleHandle () function. PEB and TEB are described and available for your reference.
MyHider
- 一个用来隐藏进程、通过修改PEB隐藏进程模块、通过修改VAD树隐藏进程模块的示例驱动,注释良好,适合初学者。-A driver for hiding the process and the process modules, with smooth comments.
SOME-function
- 基本进程操作及注册表操作的应用. 提升权限,进程PEB查询与操作,进程枚举, 注册表的所有常见使用示例函数.-The basic process of operation and the application of the registry operation. Enhance the authority, the process of inquiry and operation of PEB, the process of enumeration, the registry of a
Anti-Loader
- Anti-Loader... ...Anti-Loader示例 ├──PEB................利用TEB检测 ├──FindWindow.........查找句柄检测 ├──IsDebuggerPresent..利用IsDebuggerPresent检测 ├──Parent.............检查父进程 └──STARTUPINFO........检查STARTUPINFO结构-Anti-Loader ... ... Anti-Loader ex
ModifyPEB
- 修改程序PEB,可能可以过防火墙-Modify the program PEB, the firewall may be able to have ..........
baseaddrbypeb
- this an example on how to get the base address of a module in process via the process peb-this is an example on how to get the base address of a module in process via the process peb
hidedll
- these are two functions that can be used to hide your just loaded dll, from the process peb. use one or another-these are two functions that can be used to hide your just loaded dll, from the process peb. use one or another
TEBPEB
- 通过TEB/PEB枚举当前进程空间中用户模块列表-By TEB/PEB enumerate the current process space in the user module list
dump_PEB
- Dump PEB(Process Environment Block) s Information
JiurlPebSee
- JiurlPebSee - 超级大牛Jiurl写的一个peb查看程序,是底层开发的好东西-JiurlPebSee- write by Jiurl, a peb see programm.
11912871HideModule(PEB)
- 隐藏DLL module在进程管理器的显示,但是在icesword可以被显示出来-Hidden DLL module display in the process manager, but can be displayed in the icesword
src
- 测试程序是否在虚拟机运行.从三个方面入手检测: 1、注册表 2、读取peb 3、利用idt检测-Test program is run in a virtual machine. From the detection of three aspects: 1, 2 registry, read peb 3, detected by idt
AntiDebug-PEB-IsDebuggerPresent
- 利用PEB结构中的IsDebuggerPresent Anti OllyDbg-IsDebuggerPresent Anti OllyDbg
PEB4266.pdf
- VINETIC Voice and Internet Enhanced Telephony Interface Concept (VINETIC® ) chip set family. PEB 3324 PEB 3322 PEB 3332 PEB 3320 PEB 3314 PEB 3394 PEB 3304 PEB 4264/-2 PEB 4364 PEB 4265/-2 PEB 4365 PEB 4266 PEB 42
Hooking-DLLs-using-PEB
- Hooking DLLs using PEB
PEB-Protect
- 通过遍历程序PEB完成程序加载模块检测,发现异常及时提醒-PEB- find out all program module by PEB struct detects hack