搜索资源列表
ExcpHookMonitor_0.0.4
- ExcpHook is an open source (see license.txt) Exception Monitor for Windows made by Gynvael Coldwind (of Team Vexillium). t uses a ring0 driver to hook KiExceptionDispatch procedure to detect the exceptions, and then shows information about the except
Rootkit 内核hook 隐身术
- Rootkit 1。 内核hook 隐身术 ring0中调用ring3程序 其他
RING0.RING0下检测用HOOK SSDT隐藏进程的代码
- RING0下检测用HOOK SSDT隐藏进程的代码,直接build,适用于XP,2000系统。短小实用。,RING0 detect hidden process by HOOK SSDT code directly build, apply to XP, 2000 systems. Short and practical.
ObReferenceObjectByHandle
- Inline HOOK ObReferenceObjectByHandle 保护进程-Inline HOOK ObReferenceObjectByHandle
ring0
- Ring0钩子防网页挂马的一个代码,不错。-Anti-hook Ring0 pages linked to the horse a code, yes.
ring0
- ring0 hook from an Chinese website
Kehook
- 对于hook,从ring3有很多,ring3到ring0也有很多,根据api调用环节递进的顺序,在每一个环节都有hook的机会,可以有int 2e或者sysenter hook,ssdt hook,inline hook ,irp hook,object hook,idt hook-The hook, from ring3 there are many, ring3 to ring0 there are many, according to api call progressive sequen
InlineReHOOK
- ring0下恢复inline hook 还有点bug-inline hook resume ring0
RING0INLINEHOOK
- RING0下的恢复所有模块导出函数的INLINE HOOK驱动-RING0 restore all modules under the derived functions INLINE HOOK-driven
Ring0
- Hook NtQueryDirectoryFile隐藏文件 仅限32位系统-Hook NtQueryDirectoryFile hidden files is limited to 32-bit systems
registry-monitor
- windows注册表监控源码。Ring0级中HOOKSSDT实现。-Windows registry monitoring source. The level Ring0 hook SSDT achieve.