KerHookDetect
代码说明:
可以实现内核钩子的检测,分为应用层和驱动层,带源码(Can detect the kernel hooks, into the application layer and the driver layer, with source code)
文件列表:
内核钩子检测示例
................\代码说明.txt,3494,2014-10-23
................\应用层
................\......\应用层
................\......\......\Release
................\......\......\.......\SafeCheck.exe,264192,2010-09-07
................\......\......\SafeCheck
................\......\......\.........\bitmap2.bmp
................\......\......\.........\Dllhook.cpp,30924,2010-09-07
................\......\......\.........\Dllhook.h,408,2010-08-28
................\......\......\.........\DriProOther.sys,37632,2010-09-06
................\......\......\.........\Driver.cpp,6781,2010-09-07
................\......\......\.........\Driver.h,290,2010-08-18
................\......\......\.........\FilePrase.cpp,55026,2010-09-05
................\......\......\.........\FilePrase.h,22322,2010-09-03
................\......\......\.........\HookView.cpp,21776,2010-09-05
................\......\......\.........\HookView.h,3384,2010-08-18
................\......\......\.........\IDTAndKernel.cpp,27204,2010-09-07
................\......\......\.........\Ioctls.h,5501,2010-08-28
................\......\......\.........\KerHookSSDTIDT.sys,18944,2010-09-06
................\......\......\.........\LoadNtDriver.cpp,3720,2010-09-06
................\......\......\.........\LoadNtDriver.h,124,2010-09-06
................\......\......\.........\openfile.txt,4277,2010-08-19
................\......\......\.........\process.cpp,18813,2010-09-07
................\......\......\.........\process.h,1573,2010-08-28
................\......\......\.........\RAWSDTaddress.cpp,9856,2010-09-06
................\......\......\.........\RAWSDTaddress.H,28670,2010-09-03
................\......\......\.........\ReadMe.txt,1969,2010-05-26
................\......\......\.........\Resource.h,5248,2010-09-06
................\......\......\.........\SafeCheck.aps,160576,2010-09-06
................\......\......\.........\SafeCheck.cpp,65630,2010-09-07
................\......\......\.........\SafeCheck.h,94,2010-07-05
................\......\......\.........\SafeCheck.rc,8294,2010-09-06
................\......\......\.........\SafeCheck.vcproj,5794,2010-09-07
................\......\......\.........\SafeCheck.vcproj.ASM-1475037415F.asm.user,1427,2010-06-15
................\......\......\.........\SafeCheck.vcproj.ASM-KERNEL.asmkernel.user,1417,2010-07-01
................\......\......\.........\SafeCheck.vcproj.ASMKERNE-60DF6F.asm.user,1426,2010-09-07
................\......\......\.........\ShowOrHide.cpp,5851,2010-09-05
................\......\......\.........\ShowOrHide.h,576,2010-08-19
................\......\......\.........\SlickOS2.ssk,78515,2005-10-25
................\......\......\.........\stdafx.cpp,214,2010-05-26
................\......\......\.........\stdafx.h,423,2010-09-07
................\......\......\.........\targetver.h,1026,2010-05-26
................\......\......\.........\xde.c,16248,2010-08-23
................\......\......\.........\xde.h,8419,2010-08-27
................\......\......\.........\xde.vsprops,145,2010-08-20
................\......\......\.........\xdetbl.c,25607,2004-10-04
................\......\......\.........\内核钩子.doc,10240,2010-08-05
................\......\......\.........\函数特征.txt,1086,2010-08-27
................\......\......\.........\新建 文本文档.txt,5235,2010-07-29
................\......\......\SafeCheck.ncb,2067456,2014-10-27
................\......\......\SafeCheck.sln,893,2010-05-26
................\编译说明.txt,123,2014-10-23
................\运行文件夹
................\..........\DriProOther.sys,56960,2010-09-07
................\..........\KerHookSSDTIDT.sys,32640,2010-09-07
................\..........\SafeCheck.exe,264192,2010-09-07
................\驱动层
................\......\DriProOther
................\......\...........\buildchk_wxp_x86.log,4721,2010-09-07
................\......\...........\buildchk_wxp_x86.wrn,1018,2010-09-07
................\......\...........\buildfre_wxp_x86.log,4667,2010-09-07
................\......\...........\buildfre_wxp_x86.wrn,1018,2010-09-07
................\......\...........\DriProOther.cpp,139790,2010-09-07
................\......\...........\Driver.h,8460,2010-09-05
................\......\...........\EnumDriver.dsp,3449,2010-08-24
................\......\...........\EnumDriver.dsw,543,2010-08-24
................\......\...........\EnumDriver.ncb,50176,2010-08-24
................\......\...........\EnumDriver.plg,809,2010-08-24
................\......\...........\Ioctls.h,4057,2010-08-28
................\......\...........\MAKEFILE,59,2010-09-03
................\......\...........\objchk_wxp_x86
................\......\...........\..............\i386
................\......\...........\..............\....\driproother.obj,342179,2010-09-07
................\......\...........\..............\....\driproother.obj.oacr.root.x86chk.pft.xml,75529,2010-09-07
................\......\...........\..............\....\_objects.mac,267,2010-09-07
................\......\...........\objfre_wxp_x86
................\......\...........\..............\i386
................\......\...........\..............\....\driproother.obj,308027,2010-09-07
................\......\...........\..............\....\driproother.obj.oacr.root.x86fre.pft.xml,75529,2010-09-07
................\......\...........\..............\....\_objects.mac,267,2010-09-07
................\......\...........\pe.h,6514,2010-05-28
................\......\...........\SOURCES,88,2010-09-06
................\......\...........\Struct.h,1497,2010-07-05
................\......\...........\sys
................\......\...........\...\i386
................\......\...........\...\....\DriProOther.pdb,363520,2010-09-07
................\......\...........\...\....\DriProOther.sys,56960,2010-09-07
................\......\...........\x86 Checked Build Environment.lnk,855,2010-07-01
................\......\...........\x86 Free Build Environment.lnk,849,2010-07-01
................\......\...........\xde.c,16310,2010-04-01
................\......\...........\xde.h,8419,2010-03-22
................\......\...........\xdetbl.c,25607,2004-10-04
................\......\...........\判断版本的.txt,35718,2010-08-27
................\......\...........\文档.txt,24950,2010-06-25
................\......\...........\新建 文本文档 (2).txt,3402,2010-09-06
................\......\...........\新建 文本文档 (3).txt,3707,2010-08-29
下载说明:请别用迅雷下载,失败请重下,重下不扣分!
