Search resource list
RegMon
- Registry monitoring driver (works mainly by intercepting the ObReferenceObjectByHandle function)
ObReferenceObjectByHandle
- Inline hook of ObReferenceObjectByHandle to protect a process
HookOdROBH
- Hooks the kernel API ObReferenceObjectByHandle to implement process protection, preventing the protected process from being killed (360 cannot kill it).
sys_noRootkit
- A driver for protecting a game: it hooks KeAttachProcess, KeStackAttachProcess, ObOpenObjectByPointer, ObReferenceObjectByHandle, KeInsertQueueApc and KiInsertQueueApc so that the game cannot be debugged by third-party software, using inline hooks.