Search - hook process
Search list
Description: Hooking NtCreateThread makes it possible to inject into the target process at the earliest moment: after a process is created, NtCreateThread is called to create its main thread.
Platform: |
Size: 4096 |
Author: lxy |
Hits:
Description: Prevents a process from being terminated by intercepting two APIs, TerminateProcess and OpenProcess.
Platform: |
Size: 344064 |
Author: bingo |
Hits:
Description: Original process anti-kill tool, final version. Hooks OpenProcess. Supports XP and Server 2003; does not support NT2000.
Platform: |
Size: 7520256 |
Author: 王三 |
Hits:
Description: VC code that uses a hook to control process creation.
Platform: |
Size: 10240 |
Author: 3n |
Hits:
Description: VB global hook test: process-firewall code that intercepts processes.
Platform: |
Size: 26624 |
Author: ., |
Hits:
Description: A very good sample program that hooks the WinINet API. It demonstrates in-process hooking and the related techniques for extracting HTTP request and response data. Complete VC++ project that can be compiled and run directly.
Platform: |
Size: 743424 |
Author: lvcayu |
Hits:
Description: 1: SSDT hook detection and recovery
2: IDT hook detection and recovery
3: Detection of driver modules loaded by the system
4: Process enumeration and detection of the DLLs each process has loaded
Platform: |
Size: 2296832 |
Author: 虫子 |
Hits:
Description: 1. Message hook monitoring: enumerates the message hooks on the system.
2. Module load monitoring: enumerates all kernel modules loaded on the system.
3. SSDT monitoring: obtains the original SSDT addresses to identify the APIs hooked by malicious programs and to restore the SSDT.
4. Registry protection: protects some important registry keys against modification by malicious programs.
5. Hidden process detection: detects hidden processes on the system.
6. Hidden port detection: detects hidden ports on the system.
7. Forced process termination: can kill malicious processes on the system that protect themselves.
Platform: |
Size: 3553280 |
Author: 虫子 |
Hits:
Description: Uses Microsoft Detours to learn how to hook Task Manager so that a process cannot be ended by Task Manager. The function mainly hooked is CreateProcess. A good template that can be reused directly when hooking other functions.
Platform: |
Size: 82944 |
Author: batcom |
Hits:
Description: Design and implementation of a Ring0-level process protection component based on hooking.
Platform: |
Size: 655360 |
Author: jiouj8 |
Hits:
Description: Hooks the kernel API ObReferenceObjectByHandle to implement process protection, preventing the protected process from being killed (360 cannot kill it).
Platform: |
Size: 3072 |
Author: 伍友良 |
Hits:
Description: Driver that inline-hooks the unexported function PspTerminateProcess; can be used to prevent a process from being closed.
Platform: |
Size: 3072 |
Author: gmlars |
Hits:
Description: Code that hooks KiFastCallEntry to protect a process; it uses a spin lock to stay safe in multi-core environments.
Platform: |
Size: 358400 |
Author: hyutu |
Hits:
Description: Design and implementation of a Ring0-level process protection component based on hooking.
Platform: |
Size: 655360 |
Author: hackwin |
Hits:
Description: Network packet capture and viewing tool.
Supports three packet capture methods:
1. Raw sniffing
2. Hooking the API of a specified process to intercept packets
3. Port data forwarding
Platform: |
Size: 294912 |
Author: Axel |
Hits:
Description: Delphi Source Code:
==============================================
Magic Api Hook Engine v1.0 - Date: 2006.04.24
this is a simple all around process api hooker
UserMode(Ring3) just for WinNT family
By: Magic_h2001 - magic_h2001@yahoo.com
Home: http://magic.shabgard.org
==============================================
Platform: |
Size: 18432 |
Author: Weder |
Hits:
Description: API hooking with Detours; implements process hooks, message hooks, and so on.
Platform: |
Size: 771072 |
Author: fenzhengrou |
Hits:
Description: A comprehensive collection and demo of VC++ API hooking. It has a lot of content, all of it sample source code for various API hooks on Windows, covering networking, files, dialogs, the registry, processes and more. Recommended for study.
Platform: |
Size: 312320 |
Author: |
Hits:
Description: 1. This is a keystroke logging tool based on hook technology
2. The HOOK folder contains the DLL module; the SetHook folder contains the program that installs the DLL
3. The tool can record input in various languages (including Chinese, Japanese, and so on) and symbols; the log is saved under c:\hooktxt.txt
4. The program can capture the title of the input window
Platform: |
Size: 1990656 |
Author: ailink |
Hits:
Description: Injecting code into other processes
Contents:
● Introduction
● Windows hooks
● The CreateRemoteThread and LoadLibrary technique
○ Inter-process communication
● The CreateRemoteThread and WriteProcessMemory technique
○ How to use this technique to subclass controls in other processes
○ What
Platform: |
Size: 245760 |
Author: 魍酆 |
Hits: