SSDTHook实现进程保护

SSDTHook

SSDT 的全称是 System Services Descriptor Table，系统服务描述符表。这个表就是一个把 Ring3 的 Win32 API 和 Ring0 的内核 API 联系起来。 SSDT 并不仅仅只包含一个庞大的地址索引表，它还包含着一些其它有用的信息，诸如地址索引的基地址、服务函数个数等。通过修改此表的函数地址可以对常用 Windows 函数及 API 进行 Hook，从而实现对一些关心的系统动作进行过滤、监控的目的。一些 HIPS、防毒软件、系统监控、注册表监控软件往往会采用此接口来实现自己的监控模块。

文件下载

资源详情

[{"title":"（ 35 个子文件 497KB ） SSDTHook实现进程保护","children":[{"title":"SSDTHook","children":[{"title":"SSDTHook.suo 18.00KB ","children":null,"spread":false},{"title":"SSDTHook","children":[{"title":"stdafx.cpp 139B ","children":null,"spread":false},{"title":"SSDTHook.vcproj.IEE387O7CCZBQLV.Administrator.user 1.39KB ","children":null,"spread":false},{"title":"res","children":[{"title":"SSDTHook.ico 21.12KB ","children":null,"spread":false},{"title":"SSDTHook.rc2 364B ","children":null,"spread":false}],"spread":true},{"title":"stdafx.h 1.75KB ","children":null,"spread":false},{"title":"targetver.h 1.01KB ","children":null,"spread":false},{"title":"SSDTHook.aps 56.62KB ","children":null,"spread":false},{"title":"SSDTHook.rc 4.53KB ","children":null,"spread":false},{"title":"SSDTHook.vcproj 5.36KB ","children":null,"spread":false},{"title":"SSDTHook.h 453B ","children":null,"spread":false},{"title":"SSDTHook.cpp 1.63KB ","children":null,"spread":false},{"title":"resource.h 726B ","children":null,"spread":false},{"title":"SSDTHookDlg.h 2.48KB ","children":null,"spread":false},{"title":"SSDTHookDlg.cpp 9.74KB ","children":null,"spread":false},{"title":"ReadMe.txt 2.72KB ","children":null,"spread":false}],"spread":false},{"title":"SSDTHook.sln 890B ","children":null,"spread":false},{"title":"HookDriver","children":[{"title":"HookDriver.ncb 339.00KB ","children":null,"spread":false},{"title":"HookDriver.suo 11.50KB ","children":null,"spread":false},{"title":"HookDriver.sln 2.47KB ","children":null,"spread":false},{"title":"HookDriver","children":[{"title":"HookDriver.vsprops 289B ","children":null,"spread":false},{"title":"ddkprebld.cmd 70B ","children":null,"spread":false},{"title":"BuildLog.htm 15.35KB ","children":null,"spread":false},{"title":"HookDriver.WXP.vcproj.IEE387O7CCZBQLV.Administrator.user 3.84KB ","children":null,"spread":false},{"title":"ddkpostbld.cmd 222B ","children":null,"spread":false},{"title":"HookDriver.WXP.vcproj 4.68KB ","children":null,"spread":false},{"title":"makefile 261B ","children":null,"spread":false},{"title":"SSDTHook.h 9.94KB ","children":null,"spread":false},{"title":"VisualDDKHelpers.h 1.03KB ","children":null,"spread":false},{"title":"SSDTHook.cpp 11.59KB ","children":null,"spread":false},{"title":"ddkbldenv.cmd 20B ","children":null,"spread":false},{"title":"sources 212B ","children":null,"spread":false}],"spread":false}],"spread":true}],"spread":true},{"title":"驱动加载工具.rar 329.44KB ","children":null,"spread":false},{"title":"测试程序及驱动","children":[{"title":"SSDTHook.exe 46.50KB ","children":null,"spread":false},{"title":"SSDT_Hook.sys 16.38KB ","children":null,"spread":false}],"spread":true}],"spread":true}]

评论信息

其他资源

免责申明

【只为小站】的资源来自网友分享，仅供学习研究，请务必在下载后24小时内给予删除，不得用于其他任何用途，否则后果自负。基于互联网的特殊性，【只为小站】无法对用户传输的作品、信息、内容的权属或合法性、合规性、真实性、科学性、完整权、有效性等进行实质审查；无论【只为小站】经营者是否已进行审查，用户均应自行承担因其传输的作品、信息、内容而可能或已经产生的侵权或权属纠纷等法律责任。
本站所有资源不代表本站的观点或立场，基于网友分享，根据中国法律《信息网络传播权保护条例》第二十二条之规定，若资源存在侵权或相关问题请联系本站客服人员，zhiweidada#qq.com，请把#换成@，本站将给予最大的支持与配合，做到及时反馈和处理。关于更多版权及免责申明参见版权及免责申明

SSDTHook实现进程保护

文件下载

资源详情

评论信息

其他资源

免责申明

个人信息

相关资源标签

热门下载

最新下载