Rootkit some papers！

Title: Rootkit

Download

Category:
Hook api
Tags:
[PDF]
File Size:
8.07mb
Update:
2012-11-26
Downloads:
0 Times
Uploaded by:
229850486

Description: some Rootkit papers！

Downloaders recently: [More information of uploader 229850486]

To Search: Rootkit

[Vipshell] - VIPSHE
[detours2.1] - Functions/Classes:
[ROOTKITS] - ROOTKITS- Windows kernel security sourc
[Zion] - Rootkit achieve, so the technical discus
[Rootkit] - Rootkit learning and research, good teac
[cmcark_cw.0.2.2.9.12] - A rootkit detector that allows you to re
[BiosRootkit] - Bios Rootkit
[hiding_concepts_rootkits] - Many people do not realize the real dang

File list (Check if you may need any files):

Filename Size Date
Rootkit\RootKit在Linux下的工作原理及其检测.pdf
.......\Rootkit让后门隐藏无踪影.pdf
.......\Windows RootKit技术原理及防御策略.pdf
.......\Windows操作系统下内核级Rootkitss隐蔽技术研究.pdf
.......\【专题四】Rootkit的学习与研究\Read me.txt
.......\.............................\.ootkit\1。 内核hook\1）object hook\1）object hook.doc
.......\.............................\.......\............\2）ssdt hook\2）ssdt hook.doc
.......\.............................\.......\............\............\SSDT Hook的妙用－对抗ring0 inline hook .doc
.......\.............................\.......\............\............\swk0207.rar
.......\.............................\.......\............\3）inline-hook\360SuperKill学习之--恢复FSD的IRP处理函数.doc
.......\.............................\.......\............\..............\3）inline-hook.doc
.......\.............................\.......\............\..............\cnnic.rar
.......\.............................\.......\............\..............\ExpLookupHandleTableEntry.rar
.......\.............................\.......\............\..............\ExpLookupHandleTableEntry2.rar
.......\.............................\.......\............\..............\kill_SecuritySoftware.rar
.......\.............................\.......\............\..............\PsLookupProcessByProcessId执行流程学习笔记.doc
.......\.............................\.......\............\..............\句柄啊，3层表啊，ExpLookupHandleTableEntry啊.doc
.......\.............................\.......\............\..............\干掉KV 2008  Rising等大部分杀软.doc
.......\.............................\.......\............\..............\搜索未导出的函数地址.doc
.......\.............................\.......\............\4）idt hook\bhwin_keysniff.rar
.......\.............................\.......\............\...........\IDT Hook .doc
.......\.............................\.......\............\5）IRP hook\5）IRP hook.doc
.......\.............................\.......\............\...........\irphook1.rar
.......\.............................\.......\............\...........\irphook2.rar
.......\.............................\.......\............\...........\irphook3.rar
.......\.............................\.......\............\6）SYSENTER hook\6）SYSENTER hook.doc
.......\.............................\.......\............\................\SysEnterHook.rar
.......\.............................\.......\............\7）IAT HOOK\7）IAT HOOK.doc
.......\.............................\.......\............\...........\HybridHook.rar
.......\.............................\.......\............\...........\testtest.rar
.......\.............................\.......\............\8）EAT HOOK\8）EAT HOOK.doc
.......\.............................\.......\............\...........\利用导出表来禁止一些驱动程序的加载.doc
.......\.............................\.......\............\...........\导出表钩子.rar
.......\.............................\.......\2。保护模式篇章第一部分： ring3进ring0之门\1)通过调用门访问内核\1)通过调用门访问内核.doc
.......\.............................\.......\..........................................\....................\myCallGate.rar
.......\.............................\.......\..........................................\....................\test.rar
.......\.............................\.......\..........................................\2)通过中断门访问内核\2)通过中断门访问内核.doc
.......\.............................\.......\..........................................\....................\myIntGate.rar
.......\.............................\.......\..........................................\3)通过任务门访问内核\3)通过任务门访问内核.doc
.......\.............................\.......\..........................................\....................\MyTaskGate.rar
.......\.............................\.......\..........................................\4)通过陷阱门访问内核\4)通过陷阱门访问内核.doc
.......\.............................\.......\..........................................\....................\exe.rar
.......\.................

Main Category

SourceCode

Web Code

Develop Tools

Document

Other resource

Category

About site

CodeBus www.codebus.net

Filename	Size	Date
Rootkit\RootKit在Linux下的工作原理及其检测.pdf
.......\Rootkit让后门隐藏无踪影.pdf
.......\Windows RootKit技术原理及防御策略.pdf
.......\Windows操作系统下内核级Rootkitss隐蔽技术研究.pdf
.......\【专题四】Rootkit的学习与研究\Read me.txt
.......\.............................\.ootkit\1。内核hook\1）object hook\1）object hook.doc
.......\.............................\.......\............\2）ssdt hook\2）ssdt hook.doc
.......\.............................\.......\............\............\SSDT Hook的妙用－对抗ring0 inline hook .doc
.......\.............................\.......\............\............\swk0207.rar
.......\.............................\.......\............\3）inline-hook\360SuperKill学习之--恢复FSD的IRP处理函数.doc
.......\.............................\.......\............\..............\3）inline-hook.doc
.......\.............................\.......\............\..............\cnnic.rar
.......\.............................\.......\............\..............\ExpLookupHandleTableEntry.rar
.......\.............................\.......\............\..............\ExpLookupHandleTableEntry2.rar
.......\.............................\.......\............\..............\kill_SecuritySoftware.rar
.......\.............................\.......\............\..............\PsLookupProcessByProcessId执行流程学习笔记.doc
.......\.............................\.......\............\..............\句柄啊，3层表啊，ExpLookupHandleTableEntry啊.doc
.......\.............................\.......\............\..............\干掉KV 2008	Rising等大部分杀软.doc
.......\.............................\.......\............\..............\搜索未导出的函数地址.doc
.......\.............................\.......\............\4）idt hook\bhwin_keysniff.rar
.......\.............................\.......\............\...........\IDT Hook .doc
.......\.............................\.......\............\5）IRP hook\5）IRP hook.doc
.......\.............................\.......\............\...........\irphook1.rar
.......\.............................\.......\............\...........\irphook2.rar
.......\.............................\.......\............\...........\irphook3.rar
.......\.............................\.......\............\6）SYSENTER hook\6）SYSENTER hook.doc
.......\.............................\.......\............\................\SysEnterHook.rar
.......\.............................\.......\............\7）IAT HOOK\7）IAT HOOK.doc
.......\.............................\.......\............\...........\HybridHook.rar
.......\.............................\.......\............\...........\testtest.rar
.......\.............................\.......\............\8）EAT HOOK\8）EAT HOOK.doc
.......\.............................\.......\............\...........\利用导出表来禁止一些驱动程序的加载.doc
.......\.............................\.......\............\...........\导出表钩子.rar
.......\.............................\.......\2。保护模式篇章第一部分： ring3进ring0之门\1)通过调用门访问内核\1)通过调用门访问内核.doc
.......\.............................\.......\..........................................\....................\myCallGate.rar
.......\.............................\.......\..........................................\....................\test.rar
.......\.............................\.......\..........................................\2)通过中断门访问内核\2)通过中断门访问内核.doc
.......\.............................\.......\..........................................\....................\myIntGate.rar
.......\.............................\.......\..........................................\3)通过任务门访问内核\3)通过任务门访问内核.doc
.......\.............................\.......\..........................................\....................\MyTaskGate.rar
.......\.............................\.......\..........................................\4)通过陷阱门访问内核\4)通过陷阱门访问内核.doc
.......\.............................\.......\..........................................\....................\exe.rar
.......\.................