Search - ring0

Search - ring0 - List

【Delphi VCL】 w9xddddk DL : 0: Windows 9x下读写物理扇,适合初学者进行学习研究，不错的源码区——Ring0技术-Physical read and write under Windows 9x fans, suitable for beginners to learn research, a good source area- Ring0 Technology
Update : 2024-05-05 Size : 670720 Publisher : ideaa1
【Browser Client】 12121212 DL : 0: Ring0全局钩子防御网马，现在通行的不少浏览器都带有一定的网马检测功能和防御功能，本文主要从Ring0角度做一点方法介绍-Global defense network Ring0 hook horses, many browsers now prevailing net with a certain horse detection and prevention capabilities, this article from the point of doing that method introduces Ring0
Update : 2024-05-05 Size : 230400 Publisher : 葛超
【Windows Develop】 SSDT DL : 0: 城里城外看SSDT，ring3与ring0之间-Outside the city to see SSDT, ring3 and between ring0
Update : 2024-05-05 Size : 32768 Publisher : 黄明发
【Anti-virus】 SuperKillFile.exe DL : 0: RING0强删文件其实驱动既不是jupiter写的，也不是我写的。顺便说一句我的深度解析360马上就写好啦！请多多关注底层版。 -RING0 strong drive deleted file is not a jupiter in fact written, nor is my writing. By the way, the depth of resolution 360 I immediately write it right! Please pay attention on the underlying version.
Update : 2024-05-05 Size : 28672 Publisher : 姜哥
【GUI Develop】 safe-access DL : 0: 可以防止ring0下直接对IO监控来获取密码的密码框源码-Can prevent ring0 directly on the IO control to obtain the source code of the password box
Update : 2024-05-05 Size : 31744 Publisher :
【Windows Develop】 adetours_ring0_2.1 DL : 0: Ring0 version of the detours by microsoft.
Update : 2024-05-05 Size : 4096 Publisher : fury
【Driver Develop】 DriverCheck DL : 0: 用驱动进入Ring0扫描所有进程Delphi代码,XP Sp3测试成功-With a drive into the Ring0 Delphi code to scan all processes, XP Sp3 tested successfully
Update : 2024-05-05 Size : 7168 Publisher : 池超奇
【Hook api】 SSDT--11 DL : 0: SSDT的全稱是System Services Descriptor Table，系統服務描述符表。這個表就是一個把ring3的Win32 API和ring0的內核API聯繫起來。SSDT並不僅僅只包含一個龐大的位址索引表，它還包含著一些其他有用的資訊，諸如位址索引的基底位址、服務函數個數等。　　通過修改此表的函數位址可以對常用windows函數及API進行hook，從而實現對一些關心的系統動作進行過濾、監控的目的。一些HIPS、防毒軟體、系統監控、註冊表監控軟體往往會採用此介面來實現自己的監控模組，　　目前極個別病毒確實會採用這種方法來保護自己或者破壞防毒軟體，但在這種病毒進入系統前如果防毒軟體能夠識別並清除它將沒有機會發作. -SSDT s full name is System Services Descriptor Table, the system service descriptor table. This is a table of the Win32 API and ring0 ring3 kernel API link. SSDT is not only a huge address contains only the index table, it also contains some other useful information, such as the address of the index base address, the number of functions and other services. Function by modifying the address of this table can be used for windows functions and API hook, in order to achieve the action of some concern to filter systems, surveillance purpose. Some HIPS, antivirus software, system monitoring, registry monitoring software often uses this interface to implement its own monitoring module, At present very few virus does use this method to protect themselves or to destroy anti-virus software, but if the virus before the antivirus software into the system and clear it will not be able to identify opportunities to attack.
Update : 2024-05-05 Size : 335872 Publisher : 小明
【Hook api】 SSDT DL : 0: 详解系统服务描述符表，即SSDT。作用是把ring3的win32 api和ring0的内核api联系起来-Detailed system service descriptor table, the SSDT. Role is to the win32 api and ring0 ring3 kernel api link
Update : 2024-05-05 Size : 36864 Publisher : 杨阳
【Hook api】 Ring0levelprocessprotection DL : 0: HOOK技术的Ring0级进程保护组件设计与实现-HOOK technology Ring0 protection component level design and implementation process
Update : 2024-05-05 Size : 655360 Publisher : 蒙得快
【OS program】 SSDTRecovery DL : 0: 简单的SSDT ring0级恢复，方法是导出SSDT表最原始的位置，记录下来，然后打开程序对比其他进程是否更改SSDT位置，如果更改了，则用原始SSDT覆盖。-Simple SSDT ring0-level recovery method is to export the location of the most original SSDT table, record, and then open the program compared to other process is to change the SSDT position, if you change, then cover with the original SSDT.
Update : 2024-05-05 Size : 1507328 Publisher : seven
【OS program】 direct-IO-disk- DL : 0: 直接读写硬盘源代码，包含RING0和RING3代码 -Direct DISK to read and write the source code, including RING0 and RING3 code
Update : 2024-05-05 Size : 32768 Publisher : 错误
【Other】 test_blue DL : 0: 一个进入ring0并且能调用ntoskrnl.exe的导出函数的源码。十分整蛊。-This is the code to enter RING0 and call the export function in ntoskrnl.exe ...Very tricky.
Update : 2024-05-05 Size : 413696 Publisher : Wujiahao
【Hook api】 hooklib DL : 0: 一个hooklib，使用distorm解析指令支持 ring0 & ring3 以及 x86 & amd64 -A hooklib use distorm parsing instructions Support ring 0, & ring3 as well as x86 & amd64
Update : 2024-05-05 Size : 110592 Publisher : tunshizhe
【OS program】 ring0 DL : 0: 0级硬件中断VxD的设计实现及常见问题解决。-0 levels of hardware interrupt in VxD design and solution to common problem.
Update : 2024-05-05 Size : 5120 Publisher : 王浩
【Windows Develop】 ExKillProc_vbsrc DL : 0: 驱动结束进程，ring0秒杀任何进程的VB编写-Drive end of the process, the ring 0 spike of any process written in VB
Update : 2024-05-05 Size : 53248 Publisher : 李小玲
【File Operate】 Ring0DeleteFile DL : 0: Ring0删除文件,使用Visual Basic实现 -The Ring0 delete file
Update : 2024-05-05 Size : 12288 Publisher : 槐米
【Windows Develop】 Kkerrnelfindpe DL : 0: 内核级编程与开发实践之检测进程工具与代码..ring0级别的进程检测。需要DDK环境。 -Detection process of the kernel-level programming and development practices, tools and code .. ring 0 level of the process of detection. Requires DDK environmental.
Update : 2024-05-05 Size : 658432 Publisher : l2003l
【Driver Develop】 HookCreateProcess DL : 0: C++开发的驱动，VB写的接口程序，希望对大家有用，拦截进程的创建，Ring0-C++ development of driver interface program written in VB, hope to be useful, intercept process creation, Ring0
Update : 2024-05-05 Size : 37888 Publisher : linweizhe
【Driver Develop】 MyCopyFile DL : 0: 文件拷贝，驱动实现，在内核层对指定的文件进行拷贝-copy file in the Ring0
Update : 2024-05-05 Size : 40960 Publisher : dingkaimeng

« 1 2 ... 5 6 7 8 9 1011 12 13 14 »