Description: A driver that can access the SSDT. Link name: L"SSDT". I/O operations supported: GET_HOOK, SET_HOOK, GET_PROC, SET_PROC.
- [RESSDT] - SSDT, this thing, everyone should know,
- [antiTX] - 1. Restore shadow SSDT 2. Restore NtReadVirtualMemory
- [usp10] - Usp10.dll use to achieve the purpose of
- [antihook_src] - Create a kernel driver, forged a ssdt ta
- [HOOK] - SSDT and the SSDT Shadow HOOK common fra
- [falkssdtHOOK] - By forging SSDT to intercept calls to th
File list (Check if you may need any files):
SSDT
....\buildchk.log
....\Debug
....\makefile
....\obj
....\...\_objects.mac
....\objchk
....\......\i386
....\......\....\ssdt.obj
....\sources
....\SSDT.cpp
....\SSDT.dsp
....\SSDT.dsw
....\SSDT.H
....\SSDT.ncb
....\SSDT.opt
....\sys
....\...\i386
....\...\....\SSDT.pdb
....\...\....\SSDT.sys