Welcome![Sign In][Sign Up]
Front-page it | Collect it | [中国-简体中文]
FAQ Fav
Location:
Search - ssdt hook

Search list

[Hook apiHookShadowSSDT

Description: 一个演示如何hook shadow ssdt表的例子。
Platform: | Size: 477184 | Author: macro | Hits:

[OS programSSDT

Description:
Platform: | Size: 20480 | Author: 冈崎汐 | Hits:

[OS programhookssdt

Description: 再谈内核及进程保护,利用hook掉系统ssdt保护进程的例子。-Return to the kernel and the process of protection, the use of SSDT hook off system to protect the process of example.
Platform: | Size: 6144 | Author: 好好的 | Hits:

[Windows DevelopSDTrestore-0.2

Description: SSDT 恢复代码 SSDT 恢复代码-SSDT code to restore to restore SSDT code
Platform: | Size: 29696 | Author: sadf | Hits:

[Driver DevelopantiTX

Description: 1.恢复shadow ssdt 2.恢复 NtReadVirtualMemory NtWriteVirtualMemory NtOpenProcess NtOpenThread KiAttachProce-1.恢复shadow ssdt 2.恢复 NtReadVirtualMemory NtWriteVirtualMemory NtOpenProcess NtOpenThread KiAttachProcess
Platform: | Size: 300032 | Author: 傅碧波 | Hits:

[Driver DevelopRING0

Description: RING0下检测用HOOK SSDT隐藏进程的代码,直接build,适用于XP,2000系统。短小实用。-RING0 detect hidden process by HOOK SSDT code directly build, apply to XP, 2000 systems. Short and practical.
Platform: | Size: 4096 | Author: ldf | Hits:

[DocumentsRing0

Description: Ring0中Hook SSDT防止进程被结束
Platform: | Size: 207872 | Author: 杨晓 | Hits:

[Windows DevelopRegistry_protection

Description: 在内核状态下拦截注册表操作,保护您的注册表不受病毒和木马修改。主要是通过ssdt hook实现,含有完整的代码,包括与应用层通信,和界面代码.-State in the core to intercept registry operation to protect you from viruses and Trojan registry modifications. Mainly through the realization of ssdt hook, contains a complete code, including application-layer communications, and interface code.
Platform: | Size: 290816 | Author: lier | Hits:

[Windows DevelopProcess_protection

Description: 基于ssdt hook 的进程保护,防止自己的进程被恶意关闭。包含应用层与应用层通信的代码-based on ssdt hook the process of protection against their own process of being shut down malicious. Contains application-layer and application layer communication code
Platform: | Size: 48128 | Author: lier | Hits:

[OS programSSDThooksample

Description: 比较流行的 hook ssdt技术 系统内核钩子-Hook ssdt more popular hook-core technology systems
Platform: | Size: 5120 | Author: 雪妖 | Hits:

[Embeded-SCM Develop_ssdt

Description: SSDT查看-Show SSDT ........................
Platform: | Size: 31744 | Author: cnlamb | Hits:

[Windows Develophook

Description: 驱动级的隐藏进程代码,在驱动层通过替换ssdt地址表中的函数来隐藏进程-Drive-level code to hide the process, in the driver layer ssdt address by replacing the function table to hide the process of
Platform: | Size: 3072 | Author: 帅俊 | Hits:

[OS DevelopBiosHook

Description: 方正畅听的3.0版可以通过Hook Bios信息破解,Xuanyue大侠发布了一个破解补丁,但是这个补丁在XP上会蓝屏,原因是SSDT Hook的时候没有关闭中断就直接修改系统SSDT表导致的。很多人反映了,大虾没有时间修正。于是小弟代劳一下。 没有源代码,IDA逆了下驱动,自己写一个,然后替换原来补丁的驱动资源。在此膜拜一下IDA F5的强大。原理很简单,就是Hook ZwMapViewOfSection函数,判断是读Bios信息的,就把伪造的方正Bios信息返回。-Founder Cheong listen through the 3.0 version of crack Hook Bios information, Xuanyue crack heroes released a patch, but the patch will be a blue screen in XP because the SSDT Hook interrupted when there is no closure on the table directly modify the system caused by SSDT. A reflection of many people, the amendment did not have time to shrimp. So do look younger. There is no source code, IDA reverse the next drive, to write a patch and then replace the original drive resources. Worship you in this powerful IDA F5. The principle is very simple, Hook ZwMapViewOfSection function is to determine Bios information is read, they forged return Founder Bios information.
Platform: | Size: 83968 | Author: 好好 | Hits:

[Delphi VCLDelphiRESSDT

Description: 就是delphi还原SSDT,效果还不错-Delphi is to restore the SSDT, the results were good
Platform: | Size: 3072 | Author: 张张 | Hits:

[Driver DevelopSSDT_Unhook

Description: SSDT恢复源代码,恢复被挂钩的SSDT(系统服务调用函数表)-SSDT unhook sourcecode
Platform: | Size: 4096 | Author: fd | Hits:

[Windows DevelopSyFbt

Description: 杀Inline-Hook SSDT的进程的C++源码,DDK编写。可以杀冰刃,无法杀IL-Inline-Hook SSDT kill the process C++ source code, DDK preparation. Kill Frostsaber can not kill IL
Platform: | Size: 15360 | Author: fishgs | Hits:

[OS programProcessProtect

Description: 在Ring0下实现保护进程,通过HOOK SSDT实现保护进程-The Ring0 achieve protection process, achieved through the protection process HOOK SSDT
Platform: | Size: 6144 | Author: eithack | Hits:

[Driver DevelopProtectMon

Description: 驱动开发,根据PID保护进程,HOOK了 SSDT NtOpenProcess函数,至少可以抵御一切R3病毒终结你的进程!!适合新手学习HOOK ssdt的入门研究-Driven development, the protection under the PID process, HOOK the SSDT NtOpenProcess function, at least the end of you against all the process of virus R3!! Suitable for beginners to learn HOOK ssdt entry of
Platform: | Size: 2048 | Author: coorell | Hits:

[Driver DevelopHookSSDT

Description: hook SSDT 表保护进程,防止进程被非法结束-hook SSDT biao bao hu jin cheng
Platform: | Size: 537600 | Author: 李于 | Hits:

[Driver Developunfilewrite

Description: HOOK SSDT 不让创建文件初学者看。高手飘过-HOOK SSDT Not to create the file。master drifting away
Platform: | Size: 2048 | Author: mingming | Hits:
« 1 2 34 5 6 7 8 9 »

CodeBus www.codebus.net