登录
首页 » Visual C++ » KerHookDetect

KerHookDetect

于 2015-03-04 发布 文件大小:2358KB
0 305
下载积分: 1 下载次数: 32

代码说明:

  可以实现内核钩子的检测,分为应用层和驱动层,带源码(Can detect the kernel hooks, into the application layer and the driver layer, with source code)

文件列表:

内核钩子检测示例
................\代码说明.txt,3494,2014-10-23
................\应用层
................\......\应用层
................\......\......\Release
................\......\......\.......\SafeCheck.exe,264192,2010-09-07
................\......\......\SafeCheck

................\......\......\.........\bitmap2.bmp
................\......\......\.........\Dllhook.cpp,30924,2010-09-07
................\......\......\.........\Dllhook.h,408,2010-08-28
................\......\......\.........\DriProOther.sys,37632,2010-09-06
................\......\......\.........\Driver.cpp,6781,2010-09-07
................\......\......\.........\Driver.h,290,2010-08-18
................\......\......\.........\FilePrase.cpp,55026,2010-09-05
................\......\......\.........\FilePrase.h,22322,2010-09-03
................\......\......\.........\HookView.cpp,21776,2010-09-05
................\......\......\.........\HookView.h,3384,2010-08-18
................\......\......\.........\IDTAndKernel.cpp,27204,2010-09-07
................\......\......\.........\Ioctls.h,5501,2010-08-28
................\......\......\.........\KerHookSSDTIDT.sys,18944,2010-09-06
................\......\......\.........\LoadNtDriver.cpp,3720,2010-09-06
................\......\......\.........\LoadNtDriver.h,124,2010-09-06
................\......\......\.........\openfile.txt,4277,2010-08-19
................\......\......\.........\process.cpp,18813,2010-09-07
................\......\......\.........\process.h,1573,2010-08-28
................\......\......\.........\RAWSDTaddress.cpp,9856,2010-09-06
................\......\......\.........\RAWSDTaddress.H,28670,2010-09-03
................\......\......\.........\ReadMe.txt,1969,2010-05-26
................\......\......\.........\Resource.h,5248,2010-09-06
................\......\......\.........\SafeCheck.aps,160576,2010-09-06
................\......\......\.........\SafeCheck.cpp,65630,2010-09-07
................\......\......\.........\SafeCheck.h,94,2010-07-05

................\......\......\.........\SafeCheck.rc,8294,2010-09-06
................\......\......\.........\SafeCheck.vcproj,5794,2010-09-07
................\......\......\.........\SafeCheck.vcproj.ASM-1475037415F.asm.user,1427,2010-06-15
................\......\......\.........\SafeCheck.vcproj.ASM-KERNEL.asmkernel.user,1417,2010-07-01
................\......\......\.........\SafeCheck.vcproj.ASMKERNE-60DF6F.asm.user,1426,2010-09-07
................\......\......\.........\ShowOrHide.cpp,5851,2010-09-05
................\......\......\.........\ShowOrHide.h,576,2010-08-19
................\......\......\.........\SlickOS2.ssk,78515,2005-10-25

................\......\......\.........\stdafx.cpp,214,2010-05-26
................\......\......\.........\stdafx.h,423,2010-09-07
................\......\......\.........\targetver.h,1026,2010-05-26
................\......\......\.........\xde.c,16248,2010-08-23
................\......\......\.........\xde.h,8419,2010-08-27
................\......\......\.........\xde.vsprops,145,2010-08-20
................\......\......\.........\xdetbl.c,25607,2004-10-04
................\......\......\.........\内核钩子.doc,10240,2010-08-05
................\......\......\.........\函数特征.txt,1086,2010-08-27
................\......\......\.........\新建 文本文档.txt,5235,2010-07-29
................\......\......\SafeCheck.ncb,2067456,2014-10-27
................\......\......\SafeCheck.sln,893,2010-05-26
................\编译说明.txt,123,2014-10-23
................\运行文件夹
................\..........\DriProOther.sys,56960,2010-09-07
................\..........\KerHookSSDTIDT.sys,32640,2010-09-07
................\..........\SafeCheck.exe,264192,2010-09-07
................\驱动层
................\......\DriProOther
................\......\...........\buildchk_wxp_x86.log,4721,2010-09-07
................\......\...........\buildchk_wxp_x86.wrn,1018,2010-09-07
................\......\...........\buildfre_wxp_x86.log,4667,2010-09-07
................\......\...........\buildfre_wxp_x86.wrn,1018,2010-09-07
................\......\...........\DriProOther.cpp,139790,2010-09-07
................\......\...........\Driver.h,8460,2010-09-05
................\......\...........\EnumDriver.dsp,3449,2010-08-24
................\......\...........\EnumDriver.dsw,543,2010-08-24
................\......\...........\EnumDriver.ncb,50176,2010-08-24
................\......\...........\EnumDriver.plg,809,2010-08-24
................\......\...........\Ioctls.h,4057,2010-08-28
................\......\...........\MAKEFILE,59,2010-09-03
................\......\...........\objchk_wxp_x86
................\......\...........\..............\i386
................\......\...........\..............\....\driproother.obj,342179,2010-09-07
................\......\...........\..............\....\driproother.obj.oacr.root.x86chk.pft.xml,75529,2010-09-07
................\......\...........\..............\....\_objects.mac,267,2010-09-07
................\......\...........\objfre_wxp_x86
................\......\...........\..............\i386
................\......\...........\..............\....\driproother.obj,308027,2010-09-07
................\......\...........\..............\....\driproother.obj.oacr.root.x86fre.pft.xml,75529,2010-09-07
................\......\...........\..............\....\_objects.mac,267,2010-09-07
................\......\...........\pe.h,6514,2010-05-28
................\......\...........\SOURCES,88,2010-09-06
................\......\...........\Struct.h,1497,2010-07-05
................\......\...........\sys
................\......\...........\...\i386
................\......\...........\...\....\DriProOther.pdb,363520,2010-09-07
................\......\...........\...\....\DriProOther.sys,56960,2010-09-07
................\......\...........\x86 Checked Build Environment.lnk,855,2010-07-01
................\......\...........\x86 Free Build Environment.lnk,849,2010-07-01
................\......\...........\xde.c,16310,2010-04-01
................\......\...........\xde.h,8419,2010-03-22
................\......\...........\xdetbl.c,25607,2004-10-04
................\......\...........\判断版本的.txt,35718,2010-08-27
................\......\...........\文档.txt,24950,2010-06-25
................\......\...........\新建 文本文档 (2).txt,3402,2010-09-06
................\......\...........\新建 文本文档 (3).txt,3707,2010-08-29

下载说明:请别用迅雷下载,失败请重下,重下不扣分!

发表评论

0 个回复

  • KeyboardHook
    VC++ 键盘监控程序,可键盘输入文本,当你按下键盘上的每一个键的时候,它都可以监控到,并弹出窗口告诉你按下的是哪个键,是基于HOOK技术来说的。(VC++ keyboard monitoring procedures, keyboard input text when you press each key on the keyboard, it can be monitored, and the pop-up window telling you which key is pressed, it is based on the HOOK technology.)
    2013-12-22 15:43:07下载
    积分:1
  • srcUDiskCpyManager_V2013_1012_1653
    防止向U盘中拷贝文件, Hook Win32API, 实现在WinXp下U盘 DLP Hook函数列表:CopyFileExW Win7(x86/x64)下U盘DLP Hook函数列表: CoCreateInstance, IFileOperation::CopyItems IFileOperation::MoveItems IFileOperation::NewItem IFileOperation::RenameItem (U disk to copy files to prevent, Hook Win32API, U disk under WinXp achieve DLP Hook Function list: CopyFileExW Win7 (x86/x64) under U disk DLP Hook Function list: CoCreateInstance, IFileOperation :: CopyItems IFileOperation :: MoveItems IFileOperation: : NewItem IFileOperation :: RenameItem)
    2021-01-27 11:38:35下载
    积分:1
  • guoqudongDLL
    另一种思路注入目标进程的方法 可作为拓宽思维的例子(zhuru dll)
    2013-10-21 15:29:03下载
    积分:1
  • KeyboardHook
    VC++ 键盘监控程序,可键盘输入文本,当你按下键盘上的每一个键的时候,它都可以监控到,并弹出窗口告诉你按下的是哪个键,是基于HOOK技术来说的。(VC++ keyboard monitoring procedures, keyboard input text when you press each key on the keyboard, it can be monitored, and the pop-up window telling you which key is pressed, it is based on the HOOK technology.)
    2013-12-22 15:43:07下载
    积分:1
  • kernel_Global
    说明:  使用direct技术,能过NP,包括QQ的密码保护,拦截一切键盘输入的好工具,全局钩子,代码很少,不超过250行,没DLL直接实现的(Direct the use of technology, can lead NP, including QQ password protection, to intercept all keyboard input of a good tool, global hook, code small, not more than 250 lines, no DLL directly realized)
    2008-12-05 18:17:35下载
    积分:1
  • remoteDesktop_GDI32_mirrorDriver
    屏幕录制,远程桌面传输,基于Windows图形驱动的屏幕截图技术,api hook,win32 gdi ,mirrorDriver(Screen recording, remote desktop transmission, based on the Windows graphics driver screenshots technology, api hook, win32 gdi, mirrorDriver)
    2020-06-26 14:20:01下载
    积分:1
  • MouseTrace
    MouseTrace,用 VC++写的鼠标Hook钩子,获取X,Y坐标,并适时显示在窗体上,如上图示,在窗体上移动鼠标,坐标信息会被跟踪,移出窗体则无效。(MouseTrace, using VC++ to write the mouse Hook hook, get X, Y coordinates and the time display on the form, as shown, move the mouse over the form, coordinate information will be tracked, out of form would be invalid.)
    2015-02-06 10:32:13下载
    积分:1
  • AMF-Format
    AMF消息格式说明,包含各种格式的消息。(AMF message format that contains a variety of formatted messages.)
    2013-08-20 11:37:47下载
    积分:1
  • COM_Com
    You can hook the system and do what you want!
    2021-02-19 13:39:44下载
    积分:1
  • PassStarter
    This is example how to load a dll library and prepare for hook.
    2013-12-25 07:46:25下载
    积分:1
  • 696516资源总数
  • 106914会员总数
  • 0今日下载