Search resource list
hideme
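- A rootkit for hiding processes; it hides them completely at the lowest level of the system (they cannot be seen with Process32First and the like). Originally from www.rootkit.com; I modified it and abstracted it into a hideme function. Just call it from your program. It also needs a .sys driver, which I have included. Some antivirus software may take it for a virus, though!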
ApiHookCheck
- Rootkit detection: checks whether an application has been hooked. Source code is included, covering both application-layer and driver-layer code.
AFXRootkit2005
- An open-source rootkit written in Delphi that can hide files, directories, processes, handles and other information.
kilster
- Code that detects processes by hooking the thread scheduling lists. It can find essentially all processes hidden by current rootkits. A must-download for system programming enthusiasts.
FILEMON4.34
- File name: filemon4.34. A file filter driver; the latest version of the filemon source code. Sysinternals version.
flister
- Detects files hidden by rootkits on Windows. some usermode overwrites first few bytes of ZwQueryDirectoryFile and that trick will fail then :( So, you will probably need a small database of the correct indexes for all Windows versions
knark-0.59
- Knark is a kernel-based rootkit for Linux 2.2. This tool can be used to obtain root privileges.
IATroot
- IATroot is a rootkit based on hooking the imported functions in the IAT. It is fairly full-featured and comes with a Native API development library and source code.
Single_Byte_Hooks
- Recently I rewatched Joanna's HITB presentation video and I noticed she said that a rootkit leveraging a single byte modification is impossible! Well I think that was a little bold to say and in my opinion it doesn't
MicroRk_Very_small_usermode_rootkit
- MicroRk - Very small usermode rootkit
hookport
- Driver-based rootkit that modifies the port listing.
hideregrootkit
- Driver-based rootkit that hooks registry reads.
ntapi
- Delphi NT Native API unit; it makes writing a rootkit in Delphi convenient.
He4Hook215b6
- A rootkit written by a well-known 尔罗斯 hacker; it contains many rootkit techniques worth studying.
FU_Rootkit
- Windows rootkit; it can enumerate kernel drivers and hide its own .sys file.
HkeRootkit
- A small program demonstrating API hooking without a DLL, hiding files in a rootkit-like way.
AFXRootkit0001
- AFX Rootkit 2005 by Aphex http://www.iamaphex.net aphex@iamaphex.net WARNING -> FOR WINDOWS NT/2000/XP/2003 ONLY! This program patches Windows API to hide certain objects from being listed.
InsideWindowRootkits
- Everyone knows what a rootkit is, right? This material is the latest; if you want to study rootkit techniques, take a look. I dare say this is the latest.
bootkitbasic
- A rootkit that works at system boot; fairly simple. 1) It's very small. The basic framework is just about 100 lines of assembly code. It supports 2000, XP, 2003. 2) It patches the kernel at runtime (no files are patched on disk). (basic version has
uay_source
- A simple rootkit implemented in a driver: no process, no port, no service.