Search Resource List
HookShadowSSDT
- An example demonstrating how to hook the shadow SSDT table.
KillIceSword(SSDT_and_Inline_Hook_in_Ring0)
- Bypasses IceSword's inline hook via the SSDT in order to close IceSword.
Hide_Process_Hook_MDL
- Hides processes with an SSDT hook on ZwQuerySystemInformation.
FileIOMonitor
- Intercepts file reads and writes via the SSDT and provides an interface for communicating with ring3.
hookssdt
- Kernel and process protection revisited: an example of protecting a process by hooking the system SSDT.
ssdthookinlinehook
- This is SSDT hook source code; I hope it is of some use to everyone.
pcsharevip
- Premium-member edition of a remote Trojan: quite strong hiding ability, stable connections, fast screen transfer, SSDT modification feature.
SDTrestore-0.2
- SSDT restoration code.
ProcDeny
- Kernel-level process monitoring source code. 1. Can block specified processes from running by specifying the names of the processes to monitor. 2. Can monitor in real time which processes on the local machine are being created, running, and so on. Implemented by hooking the SSDT.
RestoreSSDT
- Powerful source code for restoring the SSDT: reads the original SSDT address table directly and can view and repair all SSDT entries.
Ring3SSDT
- Windows user-mode driver infection; restores the SSDT.
antiTX
- 1. Restores the shadow SSDT. 2. Restores NtReadVirtualMemory NtWriteVirtualMemory NtOpenProcess NtOpenThread KiAttachProce
SSDT_Helper_src
- Hooks the SSDT (System Service Descriptor Table) and views the SSDT. A good tool.
vice
- Finds various types of system hooks, including hooks in the IAT, the SSDT and related tables. VICE is a tool to find hooks. Features include: 1. Looks for people hooking IATs. 2. Looks for people hooking functions in-line, aka detouring. 3. Looks for hooks in the System
DELPHI_RecoverSSDT
- Restores the SSDT in Delphi; compiles with D7 on Windows XP.
Kehook
- There are many kinds of hooks in ring3, and many on the path from ring3 to ring0. Following the order in which an API call progresses, every stage offers a chance to hook: int 2e or sysenter hook, SSDT hook, inline hook, IRP hook, object hook, IDT hook.
antihook_src
- Creates a kernel driver that forges an SSDT so that SSDT hooks stop working.
RING0
- Ring0 code for detecting processes hidden with an SSDT hook. Builds directly; works on XP and 2000. Short and practical.
RestoreShadow
- Restores the shadow SSDT from ring0.