Welcome![Sign In][Sign Up]
Front-page it | Collect it | [中国-简体中文]
FAQ Fav
Location:
Search - ssdt hook

Search list

[Hook apiHookSSDTShadow

Description: Hook SSDT shadow 示例,首先找到csrss进程然后attach,最后修改ssdt shadow table-Hook SSDT shadow sample, first find the csrss process then attach, last modified ssdt shadow table
Platform: | Size: 17408 | Author: 顺口溜 | Hits:

[Hook apiibtHook

Description: SSDT Hook & ibt Hook Import
Platform: | Size: 122880 | Author: Jang | Hits:

[Hook apidog-technology-analysis

Description: 机器狗新变种使用了一些流行的技术,包含了修复 SSDT Hook 、修复 FSDHook 、并对一些系统还原软件进行有针对的 Hook ,使能达到突破还原软件保 护的目的。做了那么多,最终目的还是下载大量的木马到用户的系统上。-The machine dog new varieties used some of the more popular technology, including the repair SSDT Hook, repair FSDHook, and for some system restore software to have in the Hook of, that can achieve breakthrough software the purpose of the reduction. Do so many, the final purpose or download a lot of Trojan horse to a user s system.
Platform: | Size: 169984 | Author: 锁匠 | Hits:

[Hook apizmpidrive

Description: 通过修改ssdt表 hook掉ZwTerminateProcessZwLoadDriver以及ZwSetSystemInformation 是一份比较简单易读的驱动程序入门源码 是zmpi软件的进程防护拦截模块-By modifying the SSDT hook ZwTerminateProcess ZwLoadDriver and ZwSetSystemInformation Is a relatively simple driver entry source. Is the zmpi software process protection interception module
Platform: | Size: 6144 | Author: 张皓秋 | Hits:

[Hook apiRootkit-V0.1

Description: 某ROOTKIT 的源码,运用了各种SSDT HOOK以及INLINE HOOK,可躲过大部分工具检测-A ROOTKIT source, using the SSDT HOOK HOOK INLINE, can escape most of the tools to detect
Platform: | Size: 492544 | Author: aoshixf | Hits:

[e-languagedriver

Description: 易语言驱动源码模版.对ssdt hook 的处理-Yi language driver source code templates. SSDT hook handle
Platform: | Size: 6144 | Author: 月下 | Hits:

[Hook apiSSDTHookTest

Description: SSDT Hook 简单示例 Hook Native Api ZwQuerySystemInformation 达到隐藏cmd.exe进程的效果,进程名没有大小写限制。(学习agony RootKit的成果)-The SSDT Hook, Native Api the ZwQuerySystemInformation native API to hide the effects of the cmd.exe process, process name is not a case limit.
Platform: | Size: 2169856 | Author: bug | Hits:

[Hook apihook

Description: 修改ssdt表,隐藏进程(使木马难以被操作系统发现)-The modify ssdt table hidden process (so that the Trojan can hardly be the operating system)
Platform: | Size: 131072 | Author: 宿凯翔 | Hits:

[Windows DevelopSSDTHook

Description: 进程隐藏与进程保护(SSDT Hook 实现) 文章目录: 1. 引子 – Hook 技术 2. SSDT 简介 3. 应用层调用 Win32 API 的完整执行流程 4. 详解 SSDT 5. SSDT Hook 原理-SSDT Hook
Platform: | Size: 836608 | Author: anders | Hits:

[Driver DevelopOverloaded-kernel-file-to-bypass-the-SSDT

Description: Hook KiFastCallEntry
Platform: | Size: 212992 | Author: Blue | Hits:

[Driver DevelopHideProcess.sys

Description: ssdt hook实现隐藏进程功能的驱动代码文件-ssdt hook hidden process driver code files
Platform: | Size: 52224 | Author: 谢志和 | Hits:

[OS programkssd-rootkit

Description: 看雪学院Rootkit学习,1.内核Hook:对于hook,从ring3有很多,ring3到ring0也有很多,根据api调用环节递进的顺序,在每一个环节都有hook的机会,可以有int 2e或者sysenter hook,ssdt hook,inline hook ,irp hook,object hook,idt hook-See snow Institute Rootkit learning, kernel Hook: hook from ring3 many, ring3 to ring0 also the api call progressive order, every link has the opportunity to hook int 2e or sysenter. hook, ssdt hook, inline hook, irp hook, object hook, idt hook, etc.
Platform: | Size: 1652736 | Author: stars | Hits:

[OS programssdt-shadow-hook

Description: 易语言 ssdt shadow hook 保护窗口,挂钩多个函数,兼容X86 XP~2008所有32位操作系统。包含调用和驱动源代码,使用sys边源包可编译-The easy language ssdt shadow hook Protection window, linked to more than one function, compatible with X86 XP ~ 2008 all 32-bit operating system. Contains call and driver source code can be compiled to use sys side source package
Platform: | Size: 384000 | Author: 学俊 | Hits:

[Driver DevelopWDK_protect

Description: Fake_NtQuerySystemInfo 断链进程隐藏,Fake_NtOpenProcess 保护进程,Fake_NtCreateSection进程创建等,SSDT hook-Fake_NtQuerySystemInfo hide my process, Fake_NtOpenProcess protect my process, code is simple, all are ssdt hook
Platform: | Size: 6144 | Author: | Hits:

[OS programhide_pro

Description: 隐藏进程,可以在windows下进程隐藏,利用ssdt hook来达到隐藏的-Hidden process, the process can be hidden under the windows, use ssdt hook to reach the hidden
Platform: | Size: 15360 | Author: 恒星 | Hits:

[Driver Developshadow-ssdt

Description: 遍历shadow ssdt 的代码 会win窗体HOOK 很有帮助-Traverse shadow ssdt code will win form HOOK helpful
Platform: | Size: 8547328 | Author: 4444 | Hits:

[Driver DevelopHookDemo_SSDT

Description: SSDT hook 内核api,实现进程隐藏和进程保护功能的源码,备份资料,仅供参考。-SSDT hook kernel api, hidden process and process protection function of the source, the backup data is for reference only.
Platform: | Size: 1043456 | Author: huangzhenyuan | Hits:

[OS programKiFastCallEntry

Description: SSDT HOOK,学习inline hook等相关的技术原理,非常值得参考。-Technical principles related SSDT HOOK, learning inline hook so very worth considering.
Platform: | Size: 352256 | Author: sky | Hits:

[Driver Developssdt_hook

Description: ssdt hook,最简单的内核技术,多用于保护进程。-ssdt hook
Platform: | Size: 3727360 | Author: deeplayer | Hits:

[Driver DevelopShawSsdtHook

Description: ShadowSsdtHook,类似于ssdt hook,不过寻找shadowssdt表方法不一样。而且要列出地址需要附加一个图形进程。-ShadowSsdtHook, SSDT is similar to hook, but for shadowssdt method is not the same. And to list the addresses the need for an additional graphics process.
Platform: | Size: 5018624 | Author: deeplayer | Hits:
« 1 2 3 4 5 67 8 9 »

CodeBus www.codebus.net