Location:
Search - ssdt hook
Search list
Description: 可用于恢复SSDT绝对的经典值得收藏
可以让卡巴失效。好哦好哦好好哦好
Platform: |
Size: 9716 |
Author: xch |
Hits:
Description: 挂钩SSDT隐藏进程,本人做了详细的注释,对学习驱动的人有很大帮助-SSDT hidden processes linked to, I make detailed notes, learning-driven people are very helpful
Platform: |
Size: 36864 |
Author: long |
Hits:
Description: SSDT,这个东西大家应该知道吧,我就不介绍了,好东西自然值得我们的关注.-SSDT, this thing, everyone should know, I do not introduced, the natural good things worthy of our attention.
Platform: |
Size: 1833984 |
Author: huangai93 |
Hits:
Description: 获取SSDT列表的程序源码,部分代码用DDK编译开发-SSDT procedure to obtain a list of source code, some code developed using DDK compiler
Platform: |
Size: 27648 |
Author: unifix |
Hits:
Description: 查看系统SSDT,系统中被HOOK的函数以红色显示,可以恢复之-View the system SSDT, the system was a function of HOOK in red, it can be restored
Platform: |
Size: 34816 |
Author: 周维祝 |
Hits:
Description: DELPHI恢复SSDT源码
有搞这方面的人可以学习一下-DELPHI source SSDT has engaged in the restoration of this area can learn about
Platform: |
Size: 439296 |
Author: lianx |
Hits:
Description: 一般网上找到的都是需要Ring3传输需要补丁的地址过去...
002就是直接用最标准的方法进行SSDT定位以及修复的
支持多核系统,当然还有003(加入shadow ssdt hook),004(加入inline hook)
基本上是现在最稳定的恢复方式了,大家可以用KMDLoader测试.加载就脱钩.不需要通讯
-Generally find on the Internet are required Ring3 address transmission needs a patch in the past ... 002 is the direct use of most standard approach to SSDT locate and repair support for multi-core systems, of course, 003 (add shadow ssdt hook), 004 (adding inline hook) is basically the recovery is now the most stable way, and we can use KMDLoader test. loaded on decoupling. does not require communication
Platform: |
Size: 515072 |
Author: 按时飞 |
Hits:
Description: 一个简单ARK源码。包括进线程操作,隐藏进程检测,SSDT,SHADOW SSDT hook查看-An anti-rookit tool
Platform: |
Size: 1452032 |
Author: 韩挚同 |
Hits:
Description: SSDT 及 SSDT Shadow HOOK通用框架及保护模块-SSDT and the SSDT Shadow HOOK common framework and protection module
Platform: |
Size: 10240 |
Author: 小鱼 |
Hits:
Description: SSDT Hook Source with Visual Stuio 6.0 (C++)
Platform: |
Size: 102400 |
Author: achykim |
Hits:
Description: 这本书主要介绍了vc中基于ssdt hook 技术,可以很好的帮助你。-This book introduces the vc ssdt hook based technology that can very well help you.
Platform: |
Size: 655360 |
Author: 赵强 |
Hits:
Description: SSDT HOOK VB实现源码,调用底层函数,实现的SSDT HOOK.适合VB研究驱动。-SSDT HOOK VB to achieve source, call the underlying function, to achieve the SSDT HOOK. For VB research-driven.
Platform: |
Size: 49152 |
Author: 林繁 |
Hits:
Description: ZwOpenProcess SSDT Hook test to catch open process information.
Compile it with Meerkat Advanced kernel mode driver GUI for KmdKit4D.
Link: http://www.mediafire.com/?hbhjorv8797k2-ZwOpenProcess SSDT Hook test to catch open process information.
Compile it with Meerkat Advanced kernel mode driver GUI for KmdKit4D.
Link: http://www.mediafire.com/?hbhjorv8797k2ee
Platform: |
Size: 2048 |
Author: STRELiTZIA |
Hits:
Description: 1。获取ssdt函数个数
2。获取ssdt函数表中的所有函数
3。hook ZwQuerySystemInformation
4。unhook ZwQuerySystemInformation
5。根据用户给定的函数地址和ssdt表中的索引,修改ssdt表。-1. Get ssdt number of functions 2. Get ssdt all functions in the function table 3. hook ZwQuerySystemInformation 4. unhook ZwQuerySystemInformation 5. Given function according to the user address and ssdt table index, modify ssdt table.
Platform: |
Size: 10240 |
Author: wu |
Hits:
Description: 1.进程、线程、进程模块、进程窗口、进程内存信息查看,热键信息查看,杀进程、杀线程、卸载模块等功能 2.内核驱动模块查看,支持内核驱动模块的内存拷贝 3.SSDT、Shadow SSDT、FSD、KBD、TCPIP、IDT信息查看,并能检测和恢复ssdt hook和inline hook 4.CreateProcess、CreateThread、LoadImage、CmpCallback、BugCheckCallback、Shutdown、Lego等Notify Routine信息查看,并支持对这些Notify Routine的删除 5.端口信息查看,目前不支持2000系统 6.查看消息钩子 7.内核模块的iat、eat、inline hook、patches检测和恢复 8.磁盘、卷、键盘、网络层等过滤驱动检测,并支持删除 9.注册表编辑 -1 process, thread, process modules, process window, process memory information viewing, hot information to view, kill the process, kill thread, unload the module and other functions 2 kernel driver module view, to support the kernel driver module memory copy 3.SSDT, Shadow SSDT, FSD, KBD, TCPIP, IDT information view, and can detect and recover ssdt hook and inline hook 4.CreateProcess, CreateThread, LoadImage, CmpCallback, BugCheckCallback, Shutdown, Lego, etc. Notify Routine Information check, and to support their Notify Routine Delete 5 port information view, the current system does not support 2000 6 view news hook 7 kernel module iat, eat, inline hook, patches detection and recovery 8 disk, volume, keyboard, network layer filter driver detect, and support for the deletion 9. Registry Editor
Platform: |
Size: 3696640 |
Author: 接收 |
Hits:
Description: HOOK SSDT中SetInformation 函数的 驱动程序
配有mfc的用户模式界面
实现了Createfile readfile writefile
IOCTL 这几个分发函数
在IOCTL中实现了对SetInformation函数的HOOK-SSDT Hook Driver test
with mfc interface
Platform: |
Size: 11134976 |
Author: yangzhe |
Hits:
Description: NtOpenProcess[SSDT Hook].rar-
Platform: |
Size: 25600 |
Author: |
Hits:
Description: 进程隐藏与进程保护(SSDT Hook 实现)(二)分许如果过驱动HOOK-Hidden process and process protection (SSDT Hook realization) (two) Xu if overdriven HOOK
Platform: |
Size: 3573760 |
Author: 蔡生 |
Hits:
Description: 进程隐藏与进程保护(SSDT Hook 实现)(一)分许如果过驱动HOOK-Hidden process and process protection (SSDT Hook realization) (a) Xu if overdriven HOOK
Platform: |
Size: 1939456 |
Author: 蔡生 |
Hits:
Description: 在易语言环境下搭建的过DNF游戏SSDT HOOK框架,包含驱动和主程序模板,供大家学习参考。-Too DNF game SSDT HOOK framework in easy language environment to build, including the drive and the main template for them to learn reference.
Platform: |
Size: 13312 |
Author: 范云 |
Hits: