Location:
Search - hook driver
Search list
Description: windows ndis钩子程序,用于防火墙、vpn、nat、网络驱动等软件的开发。-hook procedures for firewall, VPN, nat, network drives, such as software development.
Platform: |
Size: 18263 |
Author: 杨 |
Hits:
Description: 基于费尔的Ndis Hook技术的网络监控系统 目录列表: TGuard 应用程序目录 TGuard_sys For 2k的驱动程序 Release 存放应用程序 Def 应用程序和驱动共用的一个定义文件 Tools 工具 安装: 将.sys文件放到\windows\system32\driver目录下,导入Tools目录中installHook.reg,重启. 注意点: 支持winRoute,Winxp带的ics共享,isa Server, 不支持sygate. 对网卡无限制.-Ndis Hook Technology Network Monitoring System directory listings : TGuard application directory TGuard_sys For 2k Driver Release storage applications Def applications and drive a shared definition document Tools installation tool :. Sys documents into \ windows \ system32 \ driver directory, import Tools directory installHook.reg restart. attention : winRoute support, with the ICs Winxp sharing, isa Server, does not support Sygate. NIC unrestricted right.
Platform: |
Size: 506880 |
Author: 孙卫平 |
Hits:
Description: windows ndis钩子程序,用于防火墙、vpn、nat、网络驱动等软件的开发。-hook procedures for firewall, VPN, nat, network drives, such as software development.
Platform: |
Size: 18432 |
Author: |
Hits:
Description: 使用Firewall Hook Driver技术进行端口过滤的一个简单防火墙的代码。-use Firewall Hook Driver technology port of a simple filtering firewall code.
Platform: |
Size: 12288 |
Author: |
Hits:
Description: 一个截取网络包的驱动。它与DDK文档正是NDIS中间驱动不同,是通过HOOK内核NDIS API来实现的。听说诺顿也是使用此方法来实现。-an interception network packet driver. It DDK documentation is NDIS Intermediate Driver, through HOOK kernel NDIS API to achieve. Norton also heard that the use of this method is to be achieved.
Platform: |
Size: 279552 |
Author: helwjh |
Hits:
Description: 这是青少年卫士网络版的Rip版,版本号为2.1,基于费尔的Ndis Hook技术.相比正式版,除了去掉了无关紧要的注册和升级,其余一字未改.
目录列表:
TGuard 应用程序目录
TGuard_sys For 2k的驱动程序
Release 存放应用程序
Def 应用程序和驱动共用的一个定义文件
Tools 工具
安装:
将.sys文件放到\windows\system32\driver目录下,导入Tools目录中installHook.reg,重启.
注意点:
支持winRoute,Winxp带的ics共享,isa Server, 不支持sygate.
对网卡无限制.
V2.1 => V2.2的改动:
从Ndis Hook技术改为基于DDK带的passthru.
(*) 懂Ndis的话,只需5分钟,直接复制几个文件,加10行以内代码就可从V2.1改为V2.2。-This is the youth version of the network guards Rip version, version 2.1, Based on the Ndis Fernando Hook technology. Compared to the official version, in addition to eliminating the irrelevant to the registration and upgrading, The remaining unchanged word. directory listing : TGuard application directory TGuard_sys For 2k Driver Release deposit Def up application procedures and application-driven definition of a common document Tools tool installation : will. sys files on \ windows \ system32 \ directory driver, Introduction Tools directory installHook.reg restart. attention : winRoute support, Winxp belt ics sharing, isa Server, not to support sygate. unrestricted right card. V2.1 =
Platform: |
Size: 913408 |
Author: cnbeta1985 |
Hits:
Description: 用DDDK编写驱动,修改SSDT表HOOK NTDebugActiveProcess函数
钩子函数中可以判断PID号,决定是否放行,放行则在钩子函数中调用原来的NTDebugActiveProcess函数.否则直接返回False.HOOK成功后所有调用DebugActiveProcess的程序将会失效.当然可以按照你的需要HOOK更多的系统服务函数.同一服务函数的服务号在每个操作系统版本中是不同的.下面附件中编译完成的驱动请在WinXP SP2的环境下测试.否则可能会导致直接重启-Used to prepare DDDK drive, modify SSDT Table HOOK NTDebugActiveProcess function hook function can determine the PID number, decide whether to release, release in the hook function to call the original function NTDebugActiveProcess. False.HOOK Otherwise, after the success of a direct return all calls DebugActiveProcess procedures will be failure. You can, of course, in accordance with the needs of more system services HOOK function. the same service function of the service in each of the operating system versions are different. following the completion of the annex to compile drivers in WinXP SP2 test environment. or else may lead to the resumption of direct
Platform: |
Size: 3072 |
Author: 张京 |
Hits:
Description: 这是一个非常好的内核级HOOK API的例子,想看看效果里面的bin文件夹可以有编译好的程序,其中内核监视没有实现,进程和注册表监视已经完成。这个代码绝对可以成功编译,因为hookzwcreateprocess里的代码是驱动设备程序的,所以编译环境的设置比较复杂,所以在这个压缩包里也包含了一个小教程,教你去搭建vc 6.0中开发驱动设备程序的环境,并且带了个样本。声明:这个程序运行XP下,在2000下会造成蓝屏-This is a very good kernel-level HOOK API examples, I would like to look at the effects inside the bin folder can be compiled procedures, which did not materialize to monitor the kernel, processes and registry monitoring has been completed. This code is absolutely able to successfully compile, because the code is hookzwcreateprocess in process-driven equipment, so the compiler set up the environment more complex, so in this compression bag also contains a small tutorial to teach you to build in vc 6.0 device driver development program environment, and带了个samples. Statement: This program runs under XP, in 2000 will cause a blue screen
Platform: |
Size: 81920 |
Author: zhenbiao |
Hits:
Description: windows hook driver的范例程序。对于开发基于hook的windows平台网络驱动程序有很大借鉴作用,可直接修改使用。-Examples of windows hook driver procedures. Based on the hook for the development of the windows platform network driver have great references, can be edited directly using the.
Platform: |
Size: 238592 |
Author: 王雷 |
Hits:
Description: ExcpHook is an open source (see license.txt) Exception Monitor for Windows made by Gynvael Coldwind (of Team Vexillium). t uses a ring0 driver to hook KiExceptionDispatch procedure to detect the exceptions, and then shows information about the exception on stdout (using the ring3 part of the program ofc).
The difference between this method, and the standard debug API method it that this method monitores all of XP processes, and the program does not have to attach to any other process to monitor it, hence it s harder to detect.
The code currently is considered as ALPHA, and it has been reported to BSoD sometimes (on multi core/cpu machines). Take Care!
Platform: |
Size: 53248 |
Author: 张京 |
Hits:
Description: TouchPanel driver which encapsulate real driver. This driver helps to hook by user application touchscreen(TouchPanel) events before windows process this events.
Platform: |
Size: 7168 |
Author: Oleg |
Hits:
Description: windows hook 的好例子,Windows内核的安全防护-windows hook driver
Platform: |
Size: 2048 |
Author: gigi |
Hits:
Description: Windows内核态SSDT-hook实现进程隐藏和文件隐藏,代码很规整,学习内核编程的好例子 -a good example of studying kernel programing or driver developing,
SSDT hook
Platform: |
Size: 5120 |
Author: goodone |
Hits:
Description: 创建一个内核驱动,伪造一个ssdt表,使得ssdt钩子失效。-Create a kernel driver, forged a ssdt table, making failure ssdt hook.
Platform: |
Size: 72704 |
Author: john smith |
Hits:
Description: VC++6.0实现的利用IP过滤钩子驱动创建的一个Windows防火工具,支持TCP,UDP,ICMP协议,基本呈现了Windows防火墙开发的过程-VC++6.0 to achieve the use of IP filter hook driver to create a Windows fire prevention tools, support for TCP, UDP, ICMP protocol, the basic Windows firewall shows the process of development.
Platform: |
Size: 2997248 |
Author: 周东尧 |
Hits:
Description: 驱动级的隐藏进程代码,在驱动层通过替换ssdt地址表中的函数来隐藏进程-Drive-level code to hide the process, in the driver layer ssdt address by replacing the function table to hide the process of
Platform: |
Size: 3072 |
Author: 帅俊 |
Hits:
Description: Simple Packet - Filter Firewall
A simple packet filtering based open source Firewall. It uses Filter hook driver for its basic working-Simple Packet- Filter Firewall
A simple packet filtering based open source Firewall. It uses Filter hook driver for its basic working
Platform: |
Size: 163840 |
Author: behrooz |
Hits:
Description: 驱动挂钩,拦截指定函数调用。 -Driver linked to intercept the specified function call. Driver linked to intercept the specified function call.
Platform: |
Size: 5120 |
Author: lihui |
Hits:
Description: 文件过滤驱动,File filter driver intercepts file functions include copy, move, Read, Write, and get the file information, and so on. -File system driver.-File filter driver intercepts file functions include copy, move, Read, Write, and get the file information, and so on.-File system driver.
Platform: |
Size: 459776 |
Author: 老孙 |
Hits:
Description: HOOK SSDT中SetInformation 函数的 驱动程序
配有mfc的用户模式界面
实现了Createfile readfile writefile
IOCTL 这几个分发函数
在IOCTL中实现了对SetInformation函数的HOOK-SSDT Hook Driver test
with mfc interface
Platform: |
Size: 11134976 |
Author: yangzhe |
Hits: