Location:
Search - Kernel Hook
Search list
Description: 直接内核钩子。教你如何用C写内核函数钩子。文件里面包含了详细文档和代码。-direct kernel hook. Teach you how to write C kernel function hook. File includes detailed documentation and code.
Platform: |
Size: 65948 |
Author: liudaocan |
Hits:
Description: 区分大小写的按键记录器2个(利用消息钩子)-case-sensitive keys for two records (using news hook)
Platform: |
Size: 25600 |
Author: 刘麻子 |
Hits:
Description: 驱动层Hook系统内核调用的,拦截对进程的操作的源码,提供7步tutorial,步步为营,教学驱动编程的绝好样例-Hook-driven system kernel called the interception of the process of operation of the source. provide seven-step tutorial and step-by-step business, teaching driven programming excellent example
Platform: |
Size: 251904 |
Author: 诚然 |
Hits:
Description: 直接内核钩子。教你如何用C写内核函数钩子。文件里面包含了详细文档和代码。-direct kernel hook. Teach you how to write C kernel function hook. File includes detailed documentation and code.
Platform: |
Size: 65536 |
Author: liudaocan |
Hits:
Description: 一个hookapi的例子,学习全局hook,通过HOOK内核NDIS API来实现的。听说诺顿也是使用此方法来实现。-A hookapi example, learning the overall hook, through the NDIS API kernel HOOK achieved. Norton is also heard to use this method to achieve.
Platform: |
Size: 146432 |
Author: f101 |
Hits:
Description: nthookengine.zip(内核钩子)-nthookengine.zip (kernel hook)
Platform: |
Size: 790528 |
Author: zengyanglong |
Hits:
Description: Linux 2.6 内核下劫持系统调用,代码比较简单,还是可以参考参考的。-Linux 2.6 kernel system call hijacking, the code is relatively simple, or can refer to as a reference.
Platform: |
Size: 37888 |
Author: dengke |
Hits:
Description: Windows内核态SSDT-hook实现进程隐藏和文件隐藏,代码很规整,学习内核编程的好例子 -a good example of studying kernel programing or driver developing,
SSDT hook
Platform: |
Size: 5120 |
Author: goodone |
Hits:
Description: 创建一个内核驱动,伪造一个ssdt表,使得ssdt钩子失效。-Create a kernel driver, forged a ssdt table, making failure ssdt hook.
Platform: |
Size: 72704 |
Author: john smith |
Hits:
Description: Example of kernel hook (MS Visual Studio 2005) of system call NtOpenProcess to prevent opening process from user mode
Platform: |
Size: 5120 |
Author: Spec8472 |
Hits:
Description: Sometimes, we run into a situation when we badly need to hook some kernel function, but are unable to do it via conventional PE-based hooking. This article explains how kernel functions can be directly hooked. As a sample project, we are going to present a removable USB storage device as a basic disk to the system, so that we can create and manage multiple partitions on it (for this or that reason, Windows does not either allow or recognize multiple partitions on removable storage devices, so we are going to cheat the system). On this particular occasion, we will hook only one function, but the approach described in this article can be extended to handle multiple functions (for example, one of my projects required direct hooking of quite a few functions from the NDIS library). You should clearly realize that this article is about direct hooking and not about dealing with USB storage, so please don t tell me that the sample problem may have been solved differently.
Platform: |
Size: 10240 |
Author: gto |
Hits:
Description: 本文从难易程度上主要分三块详细介绍:一.用户模式Hook:IAT-hook,Dll-inject 二.内核模式Hook:ssdt-hook,idt-hook,int 2e/sysenter-hook 三.Inline Function Hook -In this paper, Difficulty Level 3 detail the main points: 1. User Mode Hook: IAT-hook, Dll-inject 2. Kernel-mode Hook: ssdt-hook, idt-hook, int 2e/sysenter-hook 3. Inline Function Hook
Platform: |
Size: 14336 |
Author: lee |
Hits:
Description: kernel Inline Hook word doc
详谈内核三步走Inline Hook实现-kernel Inline Hook word doc go into the details to achieve core three-step Inline Hook
Platform: |
Size: 25600 |
Author: jpinglove |
Hits:
Description: VB恢复内核钩子的一个示例工程文件。可以调试。-VB restore a core sample project file hook. For debugging.
Platform: |
Size: 13312 |
Author: 蓝云 |
Hits:
Description: Linux网络核心堆栈。本文讨论模块编写者如何利用Netfilter hook 来实现任意目的以及如何将将网络通信在基于Libpcap 的应用程序中隐藏。-Linux core of the network stack. This article discusses how to use Netfilter hook module writers to achieve any purpose and how the network communications applications based Libpcap hidden.
Platform: |
Size: 225280 |
Author: wk |
Hits:
Description: 现在没有保护的游戏越来越少了,不管游戏开发商采用的是知名的保护软件,还是自己开发的保护,都涉及到驱动。没办法,谁叫我喜欢分析数据了呢那就过保护吧!怎么过,没头绪。先学习一下内核编程吧。主要是内核HOOK。今天就学习一下InLine HOOK。-Fewer games without protection, regardless of game developers using the well-known protection software, or develop their own protection, are related to the drive. No way, who told me like the analysis of the data it over protection bar! How too, no clue. First learn kernel programming. Mainly the Kernel HOOK. Learn about InLine HOOK.
Platform: |
Size: 449536 |
Author: sigma |
Hits:
Description: 目前流行和成熟的kernel inline hook技术就是修改内核函数的opcode,通过写入jmp或
push ret等指令跳转到新的内核函数中,从而达到修改或过滤的功能。这些技术的共同点
就是都会覆盖原有的指令,这样很容易在函数中通过查找jmp,push ret等指令来查出来,
因此这种inline hook方式不够隐蔽。本文将使用一种高级inline hook技术来实现更隐蔽的
inline hoo技术(Currently popular and mature kernel inline hook technology is to modify the kernel function of the opcode, by writing JMP or push, RET and other instructions jump to the new kernel function, so as to achieve the function of modification or filtering)
Platform: |
Size: 32768 |
Author: xiami001
|
Hits:
Description: 驱动重载 Hook SSDT 绕过钩子 理论上过一切保护(reload-kernel , Hook SSDT)
Platform: |
Size: 21504 |
Author: PUBG_WG |
Hits:
Description: hook d3d显卡驱动源码,内核驱动hook(hook D3D graphics driver source code, kernel driven hook)
Platform: |
Size: 320512 |
Author: revolt |
Hits:
Description: 火绒注入(内核hook稳定注入),功能强大,完美实用各种场景(Tinder injection (kernel hook stable injection), powerful, perfect and practical all kinds of scenes)
Platform: |
Size: 5434368 |
Author: shenyuanyuan |
Hits: