最新天道酬勤RootKit循序渐进开发下载
0.VM虚拟引擎初探.ziphttp://dl.vmall.com/c0s8a9jjk8
1.定义内核数据类型.zip
http://dl.vmall.com/c0sj7miyb5
2.断链隐藏RootKit.zip
http://dl.vmall.com/c09oovsa8v
3.配置RootKit通讯端口.zip
http://dl.vmall.com/c0vbhgf6bf
4.操纵数据流文件.zip
http://dl.vmall.com/c0g3uynwpl
5.读隐藏数据流文件.zip
http://dl.vmall.com/c0f3fhnotl
6.RootKit使用流文件.zip
http://dl.vmall.com/c0gyiuiw99
7.安装和卸载RootKit.zip
http://dl.vmall.com/c0ut12fq1m
8.原子级交换挂钩原理.zip
http://dl.vmall.com/c0zhaj1beb
9.原子级交换SSDT函数.zip
http://dl.vmall.com/c0sq3o184a
10.钩子艺术HookSSDT.zip
http://dl.vmall.com/c0imoovcvo
11.内核函数前缀的意义.zip
http://dl.vmall.com/c04yy1pbuq
12.内核下文件名比较.zip
http://dl.vmall.com/c0oe8s8lms
13.挂钩内核函数过滤映射DLL名称.zip
http://dl.vmall.com/c0oe5kvaub
14.增加内核数据类型.zip
http://dl.vmall.com/c0v4jsr1b7
15.未公开函数的显示调用.zip
http://dl.vmall.com/c06jqw3ue5
16.内核态DLL特征码匹配.zip
http://dl.vmall.com/c0z2h8sbgt
17.通过PE格式获得PE信息.zip
http://dl.vmall.com/c0vdyckyia
18.PE格式牵扯的结构定义.zip
http://dl.vmall.com/c0lm7fig93
19.MDL大缓存分片映射.zip
http://dl.vmall.com/c0gfravp8t
20.释放映射空间.zip
http://dl.vmall.com/c0hzv84aqn
21.快速匹配特征码.zip
http://dl.vmall.com/c0ox2a11yf
22.PE结构的使用.zip
http://dl.vmall.com/c0ke2o241x
23.导出表匹配函数名.zip
http://dl.vmall.com/c0mv50fn3r
24.字符串匹配(1).zip
http://dl.vmall.com/c0l9gob5ri
25.特征码定位挂钩地址.zip
http://dl.vmall.com/c0rfajrozp
26.注入信息初始化.zip
http://dl.vmall.com/c0fkc1bk8r
27.检测函数字节.zip
http://dl.vmall.com/c02ab71njf
28.纪录被重写的指令.zip
http://dl.vmall.com/c07vspv3u5
29.构建Detour有效地址.zip
http://dl.vmall.com/c0k79rxiba
30.修正Detour有效地址.zip
http://dl.vmall.com/c06kj3116u
31.运行时地址修正并挂钩.zip
http://dl.vmall.com/c0dc2an242
32.遍历IDT表信息.zip
http://dl.vmall.com/c0zn7s6dx2
33.IDT挂钩模板.zip
http://dl.vmall.com/c0x5tngxzw
34.IDT挂钩模板地址修正.zip
http://dl.vmall.com/c02txwnp8e
35.HOOK所有IDT.zip
http://dl.vmall.com/c0cyw708za
36.IRP钩子的概念.zip
http://dl.vmall.com/c0i968bejh
37.全局IRPHOOK(上).zip
http://dl.vmall.com/c0nkvl29qf
38.全局IRPHOOK(下).zip
http://dl.vmall.com/c0uajfkcnm
39.HOOK请求报文IRP.zip
http://dl.vmall.com/c0fat8xar8
40.过滤IRP请求.zip
http://dl.vmall.com/c0w4bepmrm
41.过滤IRP栈.zip
http://dl.vmall.com/c05vzwtiw2
42.隐匿端口.zip
http://dl.vmall.com/c0knzt53l5
43.Sysenter简单Hook.zip
http://dl.vmall.com/c038myrct6
44.另一种Sysenterhook方法(绕过绝大多数的rootkit检测工具的检测).zip
http://dl.vmall.com/c0v9nb85ec
45.分层驱动键盘嗅探.zip
http://dl.vmall.com/c007hxbvll
46.IRP分层直通传递.zip
http://dl.vmall.com/c0fnb77lxa
47.键盘嗅探回调完成函数.zip
http://dl.vmall.com/c0svkapqd7
48.附加设备到驱动设备栈.zip
http://dl.vmall.com/c0x093n1bq
49.创建系统线程.zip
http://dl.vmall.com/c0zznhgg8d
50.直接修改内核对象隐藏进程驱动部分.zip
http://dl.vmall.com/c0kv0ujb2w 嗯好啊 在下载
页:
[1]