Search results list
HybridHook
- Rootkit IAT hook: implements an IAT hook using kernel shared memory
source
- A good anti-rootkit example that stops it from using or replacing important system DLLs.
load_Sys
- Driver load/unload tool; a test tool for loading drivers when writing rootkits. Written by myself.
FUTo_enhanced
- FU rootkit (enhanced)
HideProcessHookMDL
- BASIC ROOTKIT that hides processes
FU_Rootkit
- Rootkit: hide proce
gphynew
- Driver-level rootkit, for the Roo.
BIOSRootkitjiancejishudeyanjiu
- Research on BIOS rootkits and their detection techniques; Chongqing University master's thesis
IAT_HOOK
- Uses rootkit techniques to implement an IAT hook
rkhunter-1.3.2.tar
- Rootkits are frequently encountered in network security. The NSA Glossary of Terms Used in Security and Intrusion Detection defines a rootkit as follows: A hacker security tool that captures passwords and message traffic to and from a computer. A collection of t
rootkit
- Some source code for Windows kernel programming, suitable for beginners; fairly technical material.
hxdef100r
- Kernel rootkit hacker defender
chpie_smm_keysniff_ENG
- Rootkit in english upload by benina
Patchfinder_w2k_2.11
- Rootkit upload by benina rea
BIOSRootkitIVTHook
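- To take control of the system's execution flow, a BIOS rootkit generally hooks the IVT, that is, the interrupt vector table. Implementing and detecting an IVT hook involves many specific issues, so I discuss IVT hooks in several parts. In this section and the ones that follow, we discuss how to use Bochs to view the original IVT, analyze IVT hooks, and on that basis write a simple IVT detection program. Enough small talk; let's begin our journey.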
shv4.tar
- Source code for the SHV4 rootkit. It's an old version of the rootkit but very good for study purposes
rootkit_hide_process
- Rootkit that hides the selected process.
chkrootkit.tar
- chkrootkit is a tool to locally check for signs of a rootkit.
SpamMon_src
- "spamMonitor is a small program to detect if your computer is sending spams, in case of a virus/rootkit infection. It displays an alert each time an outgoing SMTP connection is established from your PC and gives you all
chipset_rootkit
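- Written by an expert abroad. This is an SMM rootkit that runs in an XP virtual machine. Because SMM is hardware-dependent, the program only works on a multi-core virtual machine with XP installed, but it has high research value for this emerging class of chipset-level rootkit. After all, the two Polish hackers at the Black Hat conference did not release their source code.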