Welcome![Sign In][Sign Up]
Front-page it | Collect it | [中国-简体中文]
FAQ Fav
Location:
Search - hook ssdt

Search list

[ADO-ODBChookssdt

Description: 再谈内核及进程保护,利用hook掉系统ssdt保护进程的例子。-Return to the kernel and the process of protection, the use of SSDT hook off system to protect the process of example.
Platform: | Size: 7168 | Author: dp0857sihuanji | Hits:

[OS programHookShadowSSDT

Description: hook shadow ssdt keylogger - sth like regin code
Platform: | Size: 296960 | Author: mohsen | Hits:

[OS programtestKey

Description: two keylogger source code do ssdt hook
Platform: | Size: 477184 | Author: mohsen | Hits:

[OS programssdt_hook

Description: ssdt完整稳定源码,第一个例子HOOK了ZwSetInformationFile保护test.txt文件不被删除 第二个例子HOOK了NtOpenProcess保护PID大于1000的进程不被结束-ssdt complete stable source, ssdt complete stable source, ssdt complete stable source
Platform: | Size: 162816 | Author: siliemor | Hits:

[Driver DevelopSSDT_template

Description: SSDT Hook 模板 可以在此基础上增加自定义功能-SSDT Hook template can add custom features on this basis
Platform: | Size: 2048 | Author: 王斌 | Hits:

[Driver DevelopSSDTHOOK_demo

Description: SSDT Hook demo 内核层 + 用户层 SSDT Hook demo 内核层 + 用户层-SSDT Hook demo user layer core layer+
Platform: | Size: 61440 | Author: 王斌 | Hits:

[OtherPCHunter_free

Description: 1.进程、线程、进程模块、进程窗口、进程内存信息查看,杀进程、杀线程、卸载模块等功能 2.内核驱动模块查看,支持内核驱动模块的内存拷贝 3.SSDT、Shadow SSDT、FSD、KBD、TCPIP、Classpnp、Atapi、Acpi、SCSI、IDT、GDT信息查看,并能检测和恢复ssdt hook和inline hook 4.CreateProcess、CreateThread、LoadImage、CmpCallback、BugCheckCallback、Shutdown、Lego等Notify Routine信息查看,并支持对这些Notify Routine的删除 5.端口信息查看,目前不支持2000系统 6.查看消息钩子 7.内核模块的iat、eat、inline hook、patches检测和恢复 8.磁盘、卷、键盘、网络层等过滤驱动检测,并支持删除(1. process, thread, process module, process window, process memory information view, kill process, kill thread, unload module and so on 2. kernel driver module view, support the memory module of the kernel driver module 3.SSDT, Shadow, SSDT, FSD, KBD, TCPIP, Classpnp, Atapi, Acpi, SCSI, IDT, GDT, information view, and can detect and restore SSDT, hook and inline hook 4.CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, Lego and other Notify Routine information view, and support for the deletion of these Notify Routine 5. port information, currently 2000 systems are not supported 6. view message hook 7. kernel module of IAT, eat, inline, hook, patches detection and recovery 8. disk, volume, keyboard, network layer filter driver detection, and support deletion)
Platform: | Size: 6559744 | Author: aa77ss55dd | Hits:

[Internet-Networkrnchlaf

Description: 易语言驱动源码模版 对ssdt hook 的处理()
Platform: | Size: 6144 | Author: Wzwjwy | Hits:
« 1 2 ... 4 5 6 7 8 9»

CodeBus www.codebus.net