Description: See snow Institute Rootkit learning, kernel Hook: hook from ring3 many, ring3 to ring0 also the api call progressive order, every link has the opportunity to hook int 2e or sysenter. hook, ssdt hook, inline hook, irp hook, object hook, idt hook, etc.
To Search:
File list (Check if you may need any files):
看雪论坛rootkit专题.chm
Download