Search - ssdt hook
Search list
Description: SSDT hook example (hiding processes) correction
Platform: |
Size: 1565 |
Author: wewwq |
Hits:
Description: Introduces, by example, the basics of Windows system service calls and how to hook the SSDT.
Platform: |
Size: 1004 |
Author: zhangyoufu |
Hits:
Description: Hooks the SSDT and performs process control through a driver and hook functions.
Platform: |
Size: 36983 |
Author: yeqing |
Hits:
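Description: A new variant of the "Machine Dog" (机器狗) malware uses several popular techniques, including repairing SSDT hooks, repairing FSD hooks, and placing targeted hooks on certain system-restore software, so that it can break through the protection of restore software. After all that, its ultimate goal is still to download a large number of trojans onto the user's system.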
Platform: |
Size: 1190435 |
Author: sdlylz |
Hits:
Description: SSDT hook of ZwQuerySystemInformation to hide processes
Platform: |
Size: 41793 |
Author: inking |
Hits:
Description: This is SSDT hook source code; I hope it is of some use to everyone.
Platform: |
Size: 1390 |
Author: agg |
Hits:
Description: Driver-level process-hiding code, SSDT hook
Platform: |
Size: 105281 |
Author: red_angelx |
Hits:
Description: Open-source SSDT hook detection utility; it scans the SSDT entries in the kernel (ntoskrnl.exe) and finds the functions that are hooked and not in the kernel base address range.
Platform: |
Size: 102400 |
Author: __Genius__ |
Hits:
Description: [Delphi] LoadDriver SSDT Hook.
Compile it with Meerkat 1.1
Use DbgView to catch information.
Only for Windows XP.
Meerkat 1.1 link:
http://www.mediafire.com/?hbhjorv8797k2ee
Platform: |
Size: 1024 |
Author: STRELiTZIA |
Hits:
Description: Hooks the following functions:
NtUserFindWindowEx FindWindow
NtUserGetForegroundWindow GetForegroundWindow
NtUserQueryWindow GetWindowThreadProcessId
NtUserWindowFromPoint WindowFromPoint
NtUserBuildHwndList EnumWindows
NtUserSetWindowLong SetWindowLong
Tested and working on XP/Win 2003/Vista/Win7. The method for obtaining the ShadowTable is something I worked out through my own debugging, and I am not sure about its stability. If it is unstable, you can look online for another way to obtain the ShadowTable.
Platform: |
Size: 384000 |
Author: TianSin |
Hits:
Description: The MmMapIoSpace method of SSDT hooking
Platform: |
Size: 878592 |
Author: 侃侃 |
Hits:
Description: Sample code for SSDT hooking on the Windows platform
Platform: |
Size: 1013760 |
Author: 杨杨 |
Hits:
Description: An SSDT hook programming framework for Easy Language (易语言); building on it, you can quickly develop SSDT hook drivers.
Platform: |
Size: 12288 |
Author: 学俊 |
Hits:
Description: Contains:
SSDT hook
Shadow SSDT hook
Memory read/write
and more; see for yourself.
Platform: |
Size: 19456 |
Author: 四大皆 |
Hits:
Description: SSDT detection and recovery.
Comes with its own driver.
Supports restoring all SSDT hooks.
Platform: |
Size: 3507200 |
Author: 李健毅 |
Hits:
Description: Many people have heard of hooks, and many also know about kernel hooks: inline hook, sysenter hook, SSDT hook. What I wrote this time is an SSDT hook, which changes the address of a system service function to my callback address. When I was writing it I downloaded a dozen or so source packages, and all of them blue-screened; this one is what I debugged myself, and it works fine on XP.
Platform: |
Size: 55296 |
Author: jkjk |
Hits:
Description: Windows XP SSDT hook source code for learning. It is a nice, simple little program that helps in understanding the principle behind SSDT-hook trojans.
Platform: |
Size: 5120 |
Author: 陈栋 |
Hits:
Description: SSDT hook recovery: detects whether SSDT functions are hooked and can restore them.
Platform: |
Size: 284672 |
Author: 薛晨曦 |
Hits:
Description: Courseware from teacher Hanjiang (寒江). It is posted separately so that entry-level driver programmers can quickly understand how a driver hooks the SSDT and how a Windows application simply calls the driver's interface.
The code is not original, but it is one of the simplest and clearest walkthroughs I have seen, and it is very well suited to beginners in driver development. If you need it, download it right away.
Platform: |
Size: 212992 |
Author: pigshuai |
Hits:
Description: An explanation of the SSDT hook chain; those learning Windows hooks should study it carefully.
Platform: |
Size: 121856 |
Author: okeyes |
Hits: