Location:
Search - hook sdk
Search list
Description: HookAPI is the API SDK that sets up system wide hooks for all windows platforms. It could easily hook 32-bit windows system APIs or 32-bit user-defined DLL. It could be used easily and all you need to do is write a DLL file named mydll.dll or mydll_9x.dll. It is based on ApiSpy32 by Yariv Kaplan. -HookAPI SDK is the API system that sets up wi de hooks for all windows platforms. It could EAS ons hook 32-bit windows system APIs or 32-bit us er-defined DLL. It could be used easily and all y ou need to do is write a DLL file named mydll.dll o r mydll_9x.dll. It is based on ApiSpy32 by Yariv Kaplan.
Platform: |
Size: 511784 |
Author: l |
Hits:
Description: SDK+VC。键盘低级钩子,可以实现键盘任意键屏蔽-SDK VC. Junior keyboard hook, can achieve arbitrary keyboard keys shielding
Platform: |
Size: 2525 |
Author: 棋逢对 |
Hits:
Description: 加密解密技术内幕
第1章 PE文件格式深入研究
1.1 PE文件格式格式纵览
1.1.1 区块(Section)
1.1.2 相对虚拟地址(Relative Virtual Addresses)
1.1.3 数据目录
1.1.4 输入函数(Importing Functions)
1.2 PE文件结构
1.2.1 The MS-DOS头部
1.2.2 IMAGE_NT_HEADERS头部
1.2.3 区块表(The Section Table)
1.2.4 各种块(Sections)的描述
1.2.5 输出表
1.2.6 输出转向(Export Forwarding)
1.2.7 输入表
1.2.8 绑定输入(Bound import)
1.2.9 延迟装入数据(Delayload Data)
1.2.10 资源
1.2.11 基址重定位(Base Relocations)
1.2.12 调试目录(DebugDirectory)
1.2.13 NET头部
1.2.14 TLS初始化
1.2.15 程序异常数据
第2章 PE分析工具编写
2.1 文件格式检查
2.2 FileHeader和OptionalHeader内容的读取
2.3 得到数据目录(Data Dircetory)信息
2.4 得到块表(SectionTable)信息
2.5 得到输出表(ExportTable)信息
2.6 得到输入表(ImportTable)信息
第3章 Win32 调试API
3.1 Win32调试API原理
3.1.1 调试相关函数简要说明
3.1.2 调试事件
3.1.3 如何在调试时创建并跟踪一个进程
3.1.4 最主要的循环体
3.1.5 如何处理调试事件
3.1.6 线程环境详解
3.1.7 如何在另一个进程中注入代码
3.2 利用调试API编写脱壳机
3.2.1 tElock 0.98脱壳简介
3.2.2 脱壳机的编写
3.3 利用调试API制作内存补丁
3.3.1 跨进程内存存取机制
3.3.2 Debug API机制
第4章 Windows下的异常处理
4.1 基本概念
4.1.1 Windows下的软件异常
4.1.2 未公开的可靠吗
4.2 结构化异常处理(SEH)
4.2.1 异常处理的基本过程
4.2.2 SEH的分类
4.2.3 相关API
4.2.4 SEH相关数据结构
4.3 异常处理程序设计
4.3.1 顶层(top-level)异常处理
4.3.2 线程异常处理
4.3.3 异常处理的堆栈展开(Stack unwind)
4.3.4 异常处理程序设计中的几个注意事项:
4.4 SEH的简单应用
4.4.1 Win9x下利用SEH进ring0
4.4.2 利用SEH实现对自身的单步自跟踪
4.4.3 其它应用
4.5 系统背后的秘密
4.6 VC是如何封装系统提供的SEH机制的
4.6.1 扩展的EXCEPTION_REGISTRATION级相关结构
4.6.2 数据结构组织
4.7 Windows XP下的向量化异常处理(VEH)
第5章 软件加密技术
5.1 反调试技术(Anti-Debug)
5.1.1 句柄检测
5.1.2 SoftICE后门指令
5.1.3 int68子类型
5.1.4 ICECream子类型
5.1.5 判断NTICE服务是否运行
5.1.6 INT 1 检测
5.1.7 利用UnhandledExceptionFilter检测
5.1.8 INT 41子类型
5.2 反跟踪技术(Anti-Trace)
5.2.1 断点检测
5.2.2 利用SEH反跟踪
5.2.3 SMC技术实现
5.3 反加载技术(Anti-Loader)
5.3.1 利用TEB检测
5.3.2 利用IsDebuggerPresent函数检测
5.3.3 检查父进程
5.4 反DUMP技术(Anti-Dump)
5.5 文件完整性检验
5.5.1 CRC校验实现
5.5.2 校验和(Checksum)
5.5.3 内存映像校验
5.6 反监视技术(Anti-Monitor)
5.6.1 窗口方法检测
5.6.2 句柄检测
5.7 反静态分析技术
5.7.1 扰乱汇编代码
5.7.2 花指令
5.7.3 信息隐藏
5.8 代码与数据结合技术
5.9 软件保护的若干忠告
第6章 加壳软件编写
6.1 外壳编写基础
6.1.1 判断文件是否是PE格式的EXE文件
6.1.2 文件基本数据的读入
6.1.3 额外数据保留
6.1.4 重定位数据的去除
6.1.5 文件的压缩
6.1.6 资源区块的处理
6.1.7 区块的融合
6.1.8 输入表的处理
6.1.9 外壳部分的编写
6.1.10 将外壳部分添加至原程序
6.1.10 小结
6.2 加壳程序综合运用的实例
6.2.1 程序简介
6.2.2 加壳子程序(WJQ_ShellBegin())
6.2.3 PE外壳程序
6.2.4 加进Anti技术
6.2.5 通过外壳修改被加壳PE
6.2.6 VC++调用汇编子程序
第7章 如何让壳与程序融为一体
7.1 序
7.1.1 为何需要壳和程序一体化
7.1.2 为阅读此章节需要的知识
7.1.3 基于此章节用的的例子程序说明
7.2 欺骗检查壳的工具
7.2.1 fi是如何检查壳的
7.2.2 欺骗fi
7.3 判断自己是否给脱壳了
7.3.1 判断文件尺寸
7.3.2 检查标记
7.3.3 外部检测(使用dll)
7.3.4 hook 相关的api(防止loader和调试api)
7.4 使用sdk把程序和壳溶为一体
7.4.1 sdk的意义
7.4.2 做一个带sdk的壳
7.5 后记:关于壳和程序的思考
第8章 Visual Basic 6 逆向工程
8.1 简介
8.2 P-code传奇
8.3 VB编译奥秘
8.4 VB与COM
8.5 VB可执行程序结构研究
8.6 VB程序事件解读
8.7 VB程序图形界面(GUI)解读
8.8 VB程序执行代码研究
8.9 我们的工具
8.10 VB程序保护篇
附录A 在Visual C++中使用内联汇编
附录B 在Visual Basic中使用汇编
Platform: |
Size: 1389111 |
Author: vachel |
Hits:
Description: Hook SDK函数的比较小巧的开源项目
Platform: |
Size: 2533801 |
Author: leproto |
Hits:
Description: HookAPI is the API SDK that sets up system wide hooks for all windows platforms. It could easily hook 32-bit windows system APIs or 32-bit user-defined DLL. It could be used easily and all you need to do is write a DLL file named mydll.dll or mydll_9x.dll. It is based on ApiSpy32 by Yariv Kaplan. -HookAPI SDK is the API system that sets up wi de hooks for all windows platforms. It could EAS ons hook 32-bit windows system APIs or 32-bit us er-defined DLL. It could be used easily and all y ou need to do is write a DLL file named mydll.dll o r mydll_9x.dll. It is based on ApiSpy32 by Yariv Kaplan.
Platform: |
Size: 510976 |
Author: l |
Hits:
Description:
Platform: |
Size: 2048 |
Author: |
Hits:
Description: 用钩子编写的修改win界面的程序 帮助了解sdk程序-Hook with the preparation of amendments to win the procedure interface sdk help understand the procedure
Platform: |
Size: 77824 |
Author: 邓晨 |
Hits:
Description: hook windows api的程序,为hook Createfile api-hook windows api cavity , most序为hook Createfile api
Platform: |
Size: 2048 |
Author: 大龙 |
Hits:
Description: wince下做的钩子程序,平台是arm9,想学习或者是工作中用到了,可以切磋一下。有要sdk的找我。(mx21)-err
Platform: |
Size: 888832 |
Author: bing ning |
Hits:
Description: 自己写的挂机锁程序 编写语言VC 6.0 +Windows API SDK编程 利用钩子写的-Lock hanging up their own written language programming VC 6.0+ Windows API SDK programming using hook write
Platform: |
Size: 10240 |
Author: xuezhimeng |
Hits:
Description: D3D HOOK模块,可用于制作DX类游戏的外挂,如透视等效果,支持DX8,DX9游戏,用法是将D3D8或D3D9文件夹里的d3d9dev.cpp,d3d9int.cpp,d3d9tex.cpp中的函数内容修改后编译生成DLL,再编译Injector注入,编译环境最好用VS.NET2003,有相应DX SDK,注入器必须用自带的Injector,否则可能没有效果。-D3D HOOK module, can be used to create plug-DX games, such as the effect of perspective, etc. to support DX8, DX9 games, the usage is to D3D8 or D3D9 folder d3d9dev.cpp, d3d9int.cpp, d3d9tex.cpp modify the contents of the function After the compiler to generate DLL, and then compiled into the Injector, the compiler environment is best to use VS.NET2003, corresponding DX SDK, injector must own the Injector, the effect may not have otherwise.
Platform: |
Size: 64512 |
Author: 一招鲜 |
Hits:
Description: HOOK API,对于一个没有接触过人而言,时个神秘地带,真有那么神秘码?微软提供了这方面的开发包DETOUES,很简单,不需要其他工作就可以实现了,不需要跳转指令,不需要修改PE头,更不需要枚举当前所有进程和即将启动的进程-HOOK API, no contact for a man is concerned, when a mysterious area code really so mysterious? Microsoft provided an SDK DETOUES, very simple, no other work can be achieved, and do not need to Jump instructions, will not need to change PE header, but do not need to enumerate all the current process and will soon start the process of
Platform: |
Size: 808960 |
Author: |
Hits:
Description: D3D HOOK模块,可用于制作DX类游戏的外挂,如透视等效果,支持DX8,DX9游戏,用法是将D3D8或D3D9文件夹里的d3d9dev.cpp,d3d9int.cpp,d3d9tex.cpp中的函数内容修改后编译生成DLL,再编译Injector注入,编译环境最好用VS.NET2003,有相应DX SDK,注入器必须用自带的Injector,否则可能没有效果-D3D HOOK module, can be used to create the plug-in DX games, such as the effect of perspective, etc. to support DX8, DX9 games use is to D3D8 or D3D9 folder d3d9dev.cpp, d3d9int.cpp, d3d9tex.cpp modify the contents of the function After the compiler to generate DLL, and then compiled into the Injector, the compiler is best to use the environment VS.NET2003, corresponding DX SDK, injector must own Injector, or may not have the effect of
Platform: |
Size: 73728 |
Author: 盘类 |
Hits:
Description:
整理东西的时候翻出了个几年前的程序,功能是当用户输入拨号、EXCEL,WORD密码时,将其保存在一个文件里。程序用的是日志钩子,这样就不用象其他全局HOOK那样,必须单写一个DLL。
为了让初学者深入了解,将源代码贴上来,(SDK程序VC,BCB等WIN下的C编译器均可编译)象现在那些记录E-MAIL密码,OICQ密码等工具都是这原理,俺当时写着玩意的时候还没有OICQ。
有兴趣的可以自己加上。 -Finishing something when a few years ago, saw video of the procedure, function is to dial-up when the user input, EXCEL, WORD password, save it in a file. Procedures using the log hook, so that, like other global HOOK do not like to be alone to write a DLL.
To enable better understanding of beginners,贴上来the source code, (SDK procedures VC, BCB, etc. under WIN compiler can compile C) as those records are now E-MAIL your password, OICQ password tools are all in this principle, I was written when the game has not OICQ.
Interested can add their own.
Platform: |
Size: 2048 |
Author: 马超 |
Hits:
Description: windows API(清华大学冉林仓编著)源代码,包括8章。本书在介绍Win 32 API函数调用的基础上,重点介绍如何使用Windows SDK API开发Win 32动态链接库和应用程序,并结合进程管理、进程通信、钩子函数、窗口子类化、API HOOK、Internet Explorer开发、网络编程等介绍了API函灵敏在这些方面的综合应用。
本书中的实例源代码可通过 本书主要面向熟悉Windows开发且有一定编程基础的中高级用户,旨在帮助用户提高系统编程的能力。-windows API (Tsinghua University, Ran Lin Cang ed) source code, including Chapter 8. This book describes Win 32 API function calls, based on highlighting how to use the Windows SDK API Developer Win 32 dynamic link libraries and applications, combined with process management, process communications, hooks, window subclassing, API HOOK, Internet Explorer development, network programming and other sensitive letter describes the API integrated applications in these areas. The source code examples in this book may be targeted by this book are familiar with Windows development and programming based on a certain high-class users, designed to help users to improve system programming capabilities.
Platform: |
Size: 5554176 |
Author: 云飞扬 |
Hits:
Description: 微软hook 库 sdk 开发包 64位版本,微软hook 库 sdk 开发包 64位版本-Microsoft hook library sdk development kit 64-bit version of Microsoft hook library sdk development kit 64-bit version of the
Platform: |
Size: 114688 |
Author: 水月 |
Hits:
Description: ue headers file & othe staff. eg sdk for hook
Platform: |
Size: 706560 |
Author: izen |
Hits:
Description: D3D HOOK模块,可用于制作DX类游戏的外挂,如透视等效果,
支持DX8,DX9游戏,用法是将D3D8或D3D9文件夹里的d3d9dev.cpp,d3d9int.cpp,d3d9tex.cpp中的函数内容修改后编译生成DLL,
再编译Injector注入,编译环境最好用VS.NET2003,有相应DX SDK,注入器必须用自带的Injector,否则可能没有效果-D3D HOOK module can be used to make plug-DX games, such as perspective and other effects,
Support DX8, DX9 games use is to D3D8 or D3D9 folder of d3d9dev.cpp, d3d9int.cpp, d3d9tex.cpp the function of the contents of the modified compiled DLL,
Then compiled into the Injector, the build environment is best to use VS.NET2003, there is a corresponding DX SDK, the injector must own Injector, or may not be effective
Platform: |
Size: 69632 |
Author: jibagan |
Hits:
Description: windows CE的键盘钩子,已经过测试,sdk下测试。-wince hook
Platform: |
Size: 12759040 |
Author: 曹华 |
Hits:
Description: D3D HOOK模块,可用于制作DX类游戏的外挂,如透视等效果,支持DX8,DX9游戏,用法是将D3D8或D3D9文件夹里的d3d9dev.cpp,d3d9int.cpp,d3d9tex.cpp中的函数内容修改后编译生成DLL,再编译Injector注入,编译环境最好用VS.NET2003,有相应DX SDK,注入器必须用自带的Injector,否则可能没有效果-D3D HOOK module can be used to make the plug-in DX games, such as perspective and other effects, supports DX8, DX9 games, usage is to D3D8 or D3D9 folder of d3d9dev.cpp, d3d9int.cpp, d3d9tex.cpp content changes in the function After compiled DLL, and then compiled into the Injector, the compiler environment is best to use VS.NET2003, there is a corresponding DX SDK, the injector must own Injector, or may not be effective
Platform: |
Size: 65536 |
Author: 张样 |
Hits: