Description: ExcpHook is an open source (see license.txt) Exception Monitor for Windows made by Gynvael Coldwind (of Team Vexillium). t uses a ring0 driver to hook KiExceptionDispatch procedure to detect the exceptions, and then shows information about the exception on stdout (using the ring3 part of the program ofc).
The difference between this method, and the standard debug API method it that this method monitores all of XP processes, and the program does not have to attach to any other process to monitor it, hence it s harder to detect.
The code currently is considered as ALPHA, and it has been reported to BSoD sometimes (on multi core/cpu machines). Take Care!
- [ProgrammingWindows] - winSDK classic Guide (English version)
- [smivgx] - weights under smi501 display driver sour
- [attach] - procedure to insert their own code. Spec
- [hidedrive] - documents hidden drive in 2000 \ XP \ 2,
- [2kHookDriver] - Examples of windows hook driver procedur
- [IDTGuard] - IDT Hook detection and recovery procedur
- [BufferedIO_PW] - Pseudo Driver Test Demo BufferedIO
- [PEMonitor_0.10_src] - PE Monitor is a small anti-debugger and
- [Apimonitor] - ApiMonitor a very good platform for surv
- [U] - Kernel level filter driver technology us
File list (Check if you may need any files):