Location:
Search - rootkit hide
Search list
Description: rootkit工具,可以隐藏进程和驱动-rootkit tool to hide processes and drive
Platform: |
Size: 112640 |
Author: 魏慧乾 |
Hits:
Description: hide processes, elevate process privileges, fake out the Windows Event Viewer so that forensics is impossible, and even hide device drivers (NEW!) All this without any hooking.
Platform: |
Size: 142336 |
Author: |
Hits:
Description: Rootkit,用来隐藏进程, 是从系统底层彻底隐藏哦(用process32frist等看不到)。
原本出自www.rootkit.com 我把他修改抽象出了一个hideme函数。 只要在程序中调用就可以了。 另外需要一个sys的支持,我放进来了。 但可能会被某些杀毒软件以为是病毒哦!-Rootkit, to hide the process from the system is completely hidden Oh bottom (using other process32frist see). Originally from www.rootkit.com I put him to revise the abstract hideme out of a function. As long as the procedure call on it. Also needs a sys support, I put up. It might be thought that some antivirus software is a virus!
Platform: |
Size: 6144 |
Author: 胡俊杰 |
Hits:
Description: 一个用delphi开发的开源rootkit代码,可以隐藏文件,目录,进程,句柄等信息。-used to develop an open-source code rootkit can hide files, directories, processes, handle such information.
Platform: |
Size: 247808 |
Author: 杨树 |
Hits:
Description: AFX Rootkit 2005 by Aphex
http://www.iamaphex.net
aphex@iamaphex.net
WARNING -> FOR WINDOWS NT/2000/XP/2003 ONLY!
This program patches Windows API to hide certain objects from being listed.
-AFX Rootkit 2005 by Krautrock http :// www.iamaphex.net aphex@iamaphex.net WARN ING-
Platform: |
Size: 437248 |
Author: 唐伯虎 |
Hits:
Description: Linux 下 的 rootkit 攻击,利用rootkit可以让攻击者用来隐藏自己的踪迹和保留root访问权限。-under Linux rootkit attacks, use rootkit could allow an attacker to hide their trail and retain root permissions.
Platform: |
Size: 323584 |
Author: Joe Zhao |
Hits:
Description: 一个反向的能彻底隐藏自身的PIPE后门程序yajing2,支持24条基本命令,她的附加资源包能在入侵内网的情况下,压缩下载大数据量的文件,附加了HTTP,SOCKS4,SOCKS5代理功能,还有TCP包代理转发功能,他能取被入侵的宿主主机的密码帐号和主机信息,支持键盘记录功能,支持大量的配置参数,支持WEB的配置.-A reverse of the can thoroughly PIPE hide their backdoors yajing2, support for 24 basic commands, she can pack additional resources within the network in the invasion of circumstances, the amount of data compression to download large files, added a HTTP, SOCKS4, SOCKS5 proxy function, as well as TCP packet forwarding agent, he can check the invasion of the host account password and host information, support keyboard record function, support a large number of configuration parameters, to support the WEB configuration.
Platform: |
Size: 167936 |
Author: 石大 |
Hits:
Description: 隐藏程序的最好方法,这样的方法算还蛮先进的了.-The best way to hide the process, this approach has been considered quite advanced.
Platform: |
Size: 237568 |
Author: huangai93 |
Hits:
Description: 端口隐藏
主动防御-Hide port active defense
Platform: |
Size: 263168 |
Author: 网啊 |
Hits:
Description: Rootkit:hide proce-Rootkit: hide proce
Platform: |
Size: 2098176 |
Author: jeffrey |
Hits:
Description: dd1压缩包里面是驱动源码
console压缩包里面是控制台源码
hide.exe是最终产品
使用方法:
1、将hide.exe复制到系统目录
2、运行cmd
3、hide -h 查看帮助
hide -i 安装驱动
hide -u 卸载驱动
hide -f -a filename 添加一个隐藏文件
by boywhp 07/09/03
Email:boywhp@126.com-DD1 compression driver source package which is inside the console is a console cabinet is the ultimate source hide.exe products to use: 1, will hide.exe copied to the system directory 2, run cmd3, hide-h Show help hide-i install Drive hide-u uninstall driver hide-f-a filename to add a hidden files by boywhp 07/09/03Email: boywhp@126.com
Platform: |
Size: 112640 |
Author: xixuer |
Hits:
Description: Rootkit that hide process selected.
Platform: |
Size: 3072 |
Author: NightFox |
Hits:
Description: 见包名字就知道是什么了哦,对ENG好的人来说就是好东西-Although they have been around for quite some time, rootkits have become somewhat of a
buzzword in the security industry over the past year. While rootkits have traditionally been used
by sophisticated attackers to hide their presence on compromised machines, recent worms,
viruses, and trojans have started using them to complicate efforts to detect and clean infected
machines. Microsoft recently reported that over twenty percent of the malware found by their
malicious code removal tool on Windows XP Service Pack 2 machines contained rootkit
technology [1]. By hiding the infection, rootkits allow the malicious software to remain on the
system for a longer period of time. This enables the malicious software to steal more information,
send out more spam, launch more DDOS attacks, and ultimately make more money for whoever
is controlling it. Even some commercial software has adopted techniques used by rootkits for
protection. The most famous example of this is the Sony Digital Ri
Platform: |
Size: 691200 |
Author: fdef |
Hits:
Description: windows 系统下 隐藏 进程的代码 此代码使用了rootkit技术-windows system code to hide the process of the code used rootkit technology
Platform: |
Size: 3072 |
Author: 雪妖 |
Hits:
Description: darkspy是一款针对rootkit(攻击者用来隐藏自己的踪迹和保留root访问权限的工具)的多通道检测工具,它联合了多种扫描技术,-darkspy is a targeted rootkit (the attacker to hide their tracks and keep root access tool) multi-channel detection tool, it combined a variety of scanning techniques,
Platform: |
Size: 635904 |
Author: my |
Hits:
Description: I m releasing my private ring3 rootkit "DarkFire" now. It s written in C#, source is included. Also there are the 4 examples, but you may also execute the source from VS if you don t trust exes...
Features:
* Hide Processes
* Hide Registry values
* Hide Registry keys
* Anti Sandbox for several sandboxes
-I m releasing my private ring3 rootkit "DarkFire" now. It s written in C#, source is included. Also there are the 4 examples, but you may also execute the source from VS if you don t trust exes...
Features:
* Hide Processes
* Hide Registry values
* Hide Registry keys
* Anti Sandbox for several sandboxes
Platform: |
Size: 29696 |
Author: sonam |
Hits:
Description: Hide process,file,port,directory and registery root kit.
Platform: |
Size: 568320 |
Author: Hong |
Hits:
Description: Win32 Kernel Rootkits modify the behaviour of the system by Kernel Native API hooking. This technique is typically implemented by modifying the ServiceTable entries in the Service Descriptor Table (SDT). Such modification ensures that a replacement (hook) function installed by a rootkit is called prior to the original native API. The replacement function usually calls the original native API and modifies the output before returning the results to the user-space program. This technique allows kernel rootkits to hide files, processes, and to prevent process termination.
This proof-of-concept tool demonstrates the possibility of defeating such rootkits by removing Kernel Native APIs hooks and restoring the ServiceTable entries back to their original state.
Platform: |
Size: 8192 |
Author: Mimi |
Hits:
Description: Example of how to hide process & registry keys for a rootkit.
Platform: |
Size: 6144 |
Author: nignog |
Hits:
Description: ROOTKIT 利用hook技术可以隐藏指定的端口 需要以驱动加载的形式把hook加载进内核 这里利用了insdrv工具(The ROOTKIT uses hook technology to hide the specified port and needs to load the hook into the kernel in the form of driver loading using the insdrv tool)
Platform: |
Size: 1622016 |
Author: 光帅帅 |
Hits: