Search resource list
xHook
- When you capture packets on the network and want to know which process sent them, what do you do? This small tool may help. It works by hooking the process's winsock API and logging some of the data.
Dll2Process
- DLL Injector 1.0. Function: injects a dynamic library file into a running process. Application: injection makes it possible to API-hook a process. For example, write a DLL that hooks the socket API and inject it into the process you want to monitor, so that it can be used for network packet analysis.
ipgate_src
- ipgate program; hooks APIs to intercept and forward packets.
Api Hook and Packet Interception Techniques
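- const WM_UNSUBCLASS = WM_USER + 2001 // message to remove the subclass WM_SENDDATA = WM_USER + 2003 // message received when a new packet is to be sent type PMyDLLVar = ^TMyDLLVar // shared-memory data structure TMyDLLVar = record SubClass: Boolean // whether already subclassed HookWindow, SpyWindow: LongWORD // window to install the hook on, and window that receives messages hHook: LongWORD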
Netiffer
- Network packet capture and viewing tool. Supports three packet capture modes: 1. Raw sniffing 2. Hooking the API of a specified process to intercept packets 3. Port data forwarding
Tren
- Kicking players in Warcraft games. We hook the Send function. If we whisper to a player and type, say, 7720668, that string can certainly be found in pBuffer, and we then close the corresponding socket to kick the player. (This also shows that only the host can kick players, because doing it by forging TCP, SYN and ACK packets is almost impossible.)
r3_Hook_NtDeviceIoControl
- Ring3 hooking to implement URL filtering and redirection (from "Alternative Hooking: RING3 Packet Monitoring").
wsock32
- Intercepts socket packets via the API by creating a dynamic link library that replaces the original winsock interface library; game-bot control code can be placed in it.
inject
- Hook program that replaces the Windows send and receive functions to capture packets.
RAWSOCK01
- Source code for a packet capture program.
FITER
- Design of a personal firewall based on a Filter-Hook Driver.
cap
- Network packet capture and parsing based on WinPcap.
apihook
- API hook of a process's send function, developed in C#.NET 2008; can be packaged as a DLL to intercept and modify outgoing packets.
hook-RING3
- Alternative hooking: RING3 packet monitoring.
firewall
- A simple firewall for Windows that filters packets based on the TCP, UDP and ICMP protocols.
IE_HookTest
- Hooks IE and modifies packets or addresses by reading and rewriting the IE process's memory. One company's viral promotion once used this approach.
analyzeeth_winpcap.cpp
- This program uses the packet capture functions provided by WinPcap to collect and analyze packets on the network.
instiffilewall-
- This code implements a firewall, including generation of the executable and the hook linkage, and can intercept packets.
Packet-capture
- Collects packets using WSP_send and a WinPcap class.
smsniff
- Network packet capture software; can analyze network packets and break down packet headers.