Purpose: - Implement remote code injection - Usermode hook (Ntdll->NtQueryDirectoryFile) Note: This is only POC that will hide file explorer.exe Hidding file via usermode code injection to explorer.exe You

Hook NtQueryDirectoryFile隐藏文件 仅限32位系统-Hook NtQueryDirectoryFile hidden files is limited to 32-bit systems

通过远程线程技术和HOOKAPI技术实现的文件隐藏源代码，利用了windows的Detour开发库，以Inline HOOK的方式实现对NtQueryDirectoryFile函数的拦截-The source code of hiding files with HOOKAPI technology and remote thread technology.Detours and inline hook.Hook NtQueryDirec