Search resource list
Hook function example
- This is the example from Iczelion's Win32 Assembly Tutorial part 24. In order to assemble the example, you have to have ml.exe, link.exe and nmake.exe in your path. If they're not in the path, you will have to edit makefile to include the full path. You
HookImport_src
- Enclosed is MFC source code for a function which can be used to hook any imported function call which your application makes. Since most of the Win32 API is implemented using import functions in dlls, this means that you hook Win32 API calls. This is
Single_Byte_Hooks
- Recently I rewatched Joanna's HITB presentation video and I noticed she said that a rootkit leveraging a single byte modification is impossible! Well I think that was a little bold to say and in my opinion it doesn't seem that infeasible that a on
HookSrc
- API call interception is the task that allows you to get access to some parts of other programs. Lots of programmers spend time developing and describing various methods that allow that access. Such methods are used in many anti-virus and anti-spyw
WinRARZIP
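- Achieving a satisfying, stylistically uniform software interface is genuinely hard. As other users have mentioned, dialogs that live inside MFC or even inside system DLLs, such as MessageBox, FileDialog, FontDialog and the folder-selection dialog, are not easy to reskin. Some say the HOOK technique can do it. It indeed can, and hooks can get in almost anywhere, but the efficiency of using HOOK is unsatisfying, as the behaviour of most skinning software that currently uses the HOOK technique fully demonstrates. Today we will discuss another technique for reskinning FileDialog, called the window-procedure replacement method (note: a name I made up). Window procedure function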
hookntcontinue
- ring0--hook NtContinue+source_code. Hooking NtContinue in ring0; a hook implemented using the drx7 register. This code hooks ntoskrnl!NtContinue to set dr7 to 0 (no updating of dr7) so NtContinue called from ring3 cannot alter drX registers... This hook will only PREVENT dr
test
- this one test pro, please don't download it.
APIHookingRevisited_src
- There are numerous codes on the www to explain how to hook API functions inside a remote process. So, why create another one? This article is the first (I) part of a tool I'm working on. This tool won't be too complex, so there is no need for a h
Tren
- Kicking players in the Warcraft game: we HOOK the Send function. If we whisper to a player, say by typing 7720668, then that string can certainly be found in pBuffer, and we then close the corresponding socket to kick the player. (This also shows that only the host can kick players, because doing it by forging TCP SYN/ACK packets is almost impossible.)
Addison.Wesley.Professional.Rootkits.Subverting.t
- Information about Windows kernel... and rootkits. Original Title: Rootkits: Subverting the Windows Kernel By Greg Hoglund, James Butler
setup1.0.0.3
- Portable (no-install) keyboard remapper, an essential tool for people who play Warcraft. No more fumbling over in-game key actions (退魔, 飞T).
T-ProcMon-1.0Src
- This program is a system information monitoring tool built on the Windows SDK/DDK development environment. Source code of the monitoring tool, written with the Windows SDK/DDK.
Injector-20090421b
- Code is written in C++ with full exception handling (none of this annoying C-based return value checking crap). Only tested on MSVC++. Visual Studio 2008 project files supplied. Note: The AMD64 version can only inject into AMD64 processes,
DetectDriver_src1
- This article is the continuation of the previously posted article HideDriver. Initially the first article was an experiment and the result of it exceeded all my expectations. I want to thank all readers who left comments and wrote emails, your opinions w
hook
- This tool is written in VC++; its main function is to block the mouse and keyboard. (I don't know English.)
inline-hook
- Some time ago, I published on the blog the IAT Hook technique, which makes it possible to divert a function call via the import table. But it has its limits: if you place a hook after the program has retrieved the address
FF-DLL-Injector
- Firefox hooks LdrLoadDll so you can't inject a DLL, this code unhooks it and injects the DLL.
anti_dll_inj
- A very simple way how to protect our prog. being injected by a dll... There are other ways too
igeq-executive
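- Good news for those who don't want to put up with the huge bulk of MS AGENT! This is a small assistant character written in VB. Small as it is, it is missing very few features, and more importantly it can be fully integrated into your APP.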
inurjduced
- The latest revised version, said to be the best Jianghu. It really is a good Jianghu; I won't introduce it further.