搜索资源列表
hookntcontinue
- ring0--hook NtContinue+source_code ring0下面hookNtContinue 使用drx7寄存器实现的hook this code hooks ntoskrnl!NtContinue to set dr7 to 0 (no updating of dr7) so NtContinue called from ring3 cannot alter drX registers... This hook will only PREVENT dr
Rootkit 内核hook 隐身术
- Rootkit 1。 内核hook 隐身术 ring0中调用ring3程序 其他
RING0.RING0下检测用HOOK SSDT隐藏进程的代码
- RING0下检测用HOOK SSDT隐藏进程的代码,直接build,适用于XP,2000系统。短小实用。,RING0 detect hidden process by HOOK SSDT code directly build, apply to XP, 2000 systems. Short and practical.
X86IL.zip
- 可以将机器码计算为汇编指令并且算出指令长度的C头文件。在编写Ring0或Ring3的Inline Hook时不可缺少的东西。,Can be calculated as the compilation of binary instructions and directives to calculate the length of the C header file. In the preparation of the Ring0 or Ring3 when Inline Hook indispen
ProcessProtect.rar
- 在Ring0下实现保护进程,通过HOOK SSDT实现保护进程,The Ring0 achieve protection process, achieved through the protection process HOOK SSDT
NtOpenProcess[InlineHook]
- r0 inline hook sample.
ObReferenceObjectByHandle
- Inline HOOK ObReferenceObjectByHandle 保护进程-Inline HOOK ObReferenceObjectByHandle
hookzwquery
- 用汇编实在Ring3 和 Ring0 下的Inline HooK-It Ring3 and assembly under the Inline HooK Ring0
ring0
- Ring0钩子防网页挂马的一个代码,不错。-Anti-hook Ring0 pages linked to the horse a code, yes.
ring0
- ring0 hook from an Chinese website
Kehook
- 对于hook,从ring3有很多,ring3到ring0也有很多,根据api调用环节递进的顺序,在每一个环节都有hook的机会,可以有int 2e或者sysenter hook,ssdt hook,inline hook ,irp hook,object hook,idt hook-The hook, from ring3 there are many, ring3 to ring0 there are many, according to api call progressive sequen
Fireshield-ring0
- Example of Ring0 hook with uAll Hook Pack-Example of Ring0 hook with uAll Hook Pack...
Ring0
- Ring0中Hook SSDT防止进程被结束
InlineReHOOK
- ring0下恢复inline hook 还有点bug-inline hook resume ring0
RING0INLINEHOOK
- RING0下的恢复所有模块导出函数的INLINE HOOK驱动-RING0 restore all modules under the derived functions INLINE HOOK-driven
Ring0
- Hook NtQueryDirectoryFile隐藏文件 仅限32位系统-Hook NtQueryDirectoryFile hidden files is limited to 32-bit systems
HOOK-class
- HOOK技术的Ring0级进程保护组件设计与实现-HOOK-class process technology Ring0 component design and implementation of protection
HOOK-Ring0
- HOOK技术的Ring0级进程保护组件设计与实现-HOOK-class process technology Ring0 component design and implementation of protection
12121212
- Ring0全局钩子防御网马,现在通行的不少浏览器都带有一定的网马检测功能和防御功能,本文主要从Ring0角度做一点方法介绍-Global defense network Ring0 hook horses, many browsers now prevailing net with a certain horse detection and prevention capabilities, this article from the point of doing that method intr
registry-monitor
- windows注册表监控源码。Ring0级中HOOKSSDT实现。-Windows registry monitoring source. The level Ring0 hook SSDT achieve.