搜索资源列表
asmvcring
- 这是一个汇编与VC结合的程序,在Ring3级获取Ring0级的操作-This is a compilation and VC combination of procedures, the Ring3 level access Ring0 class operation
从ring3切换到ring0的代码
- 从ring3切换到ring0的代码--The code which can exchange ring3 to ring0
CallMsgRing0
- 在RING0中使用RING3函数MessageBox.-in RING0 use RING3 MessageBox function.
CallRing3FormRing0
- 在Ring0层中调用Ring3层的功能 需要安装DDK-in Rign0 layer called Ring3 layer functions need to install DDK
r3_2_r0
- Windows2000 XP 从Ring3层进入Ring0层的一种方法-Windows XP Ring3 layer from the layer into Rign0 a way
byshell067beta2&src
- byshell v0.67 beta2,是一个测试中的ring3 NT rootkit。-byshell v0.67 beta2, is a test of ring3 NT rootkit.
KernelExec
- 从RING0级下启动RING3级的应用程序源代码-from RING0 activated RING3-level application program source code
R3toR0
- 从RING3进入RING0的方法,不需要驱动-RING0 from entering RING3 method does not require drivers
ExcpHookMonitor_0.0.4
- ExcpHook is an open source (see license.txt) Exception Monitor for Windows made by Gynvael Coldwind (of Team Vexillium). t uses a ring0 driver to hook KiExceptionDispatch procedure to detect the exceptions, and then show
ring0
- 从ring3跳到ring0的源代码,用汇编语言编写。-Ring3 Skip ring0 from the source code, using assembly language preparation.
getRing0
- Windows NT/2000/XP/Server 2003 获取Ring0的便捷工具 程序创建了几个段: IDT,GDT,SSDT,Linear 为创建Ring3,Ring0之间的互交便捷-Windows NT/2000/XP/Server 2003 to obtain a convenient tool Ring0 program to create a few paragraphs: IDT, GDT, SSDT, L
DaMousePrototypeB
- Ring0和Ring3下的Rootkit源代码。很棒。-Ring3 under Ring0 and Rootkit source code. Great.
Ring3Enumprocess
- 一个非常实用的ring3下检查隐藏进程实例。-Ring3 a very practical example of the process of inspection to hide.
CheckHiddenFile
- 使用内核方法检测隐藏文件,包括ring0,ring3的代码。
HookAPI
- Hook CreateFileA ,Ring3下的inline Hook-Hook CreateFileA, Ring3 under inline Hook
r0code
- 在delphi中实现让ring3的程序运行在ring0-In delphi to achieve so that the program runs ring3 in ring0
KillIS
- Ring3下远程注入DLL干掉IceSword-DLL injection under Ring3 remote kill IceSword
ProcessMonitor
- 应用层与内核层相结合实现进程的监控,ring3 & ring0 ,主动防御的基础功能,代码清晰,学习的好材料-process monitor ,ring3 and ring0
1dogokcpp
- 网上的大多数第一代机器狗ring3层代码都缺少几个声明,这个能完全编译,ring0层没带,请自己弄,ring3是直接寻址方式的。qq 295333637-Most of the first generation of online ring3 dog layer codes are the lack of a number of statements, this can be fully compiled, ring0 layer di
Ring3SSDT
- Ring3下安全获取原始SSDT地址 enjoy it-Ring3 under secure access to the original SSDT Address enjoy it