ChenChen-hrbust / API_watchingLinks
监视Windows系统下程序执行过程中的API调用,采用Ring3 Hook方式进行监控,记录API调用,分析软件行为。
☆31Updated 12 years ago
Alternatives and similar repositories for API_watching
Users that are interested in API_watching are comparing it to the libraries listed below
Sorting:
- 我的开源:讲解anything☆21Updated 4 years ago
- 主动防御-网络过滤器(firewall)☆5Updated last year
- 卓然主动防御源码(可执行文件+完整源码+完整作品报告)☆15Updated 6 years ago
- 稳定多线程中的inline hook☆16Updated 5 years ago
- 逆的或者收集的别人家的代码☆27Updated 4 months ago
- x64HOOK库☆18Updated 5 years ago
- 基于UC的启发式杀毒引擎[还没做完]☆34Updated 4 years ago
- PE文件解析和加壳工具☆18Updated 2 years ago
- 一个32位windows下x86指令集的代码扭曲加密小工具☆32Updated 6 years ago
- upx静态脱壳机源码☆17Updated 6 years ago
- 安全卫士项目☆32Updated 7 years ago
- 进程行为分析工具☆14Updated 8 years ago
- windows rpc 使用MIDL+RPC实现HelloWorld☆23Updated 7 years ago
- This is another tool helping to generate c file for dll hijack, besides AheadLib and AddExport. 这是 AheadLib 和 AddExport 之外的,另一种生成 DLL 劫持…☆28Updated 6 years ago
- 管道监视器,类似于spyxx之类的东西,一般用于监视目标进程的系统调用.关键词:detours+piep☆23Updated 11 years ago
- 锁主页驱动☆37Updated 6 years ago
- ida提取特征码脚本☆56Updated 5 years ago
- 根据参考字符串,和结果逆向,推算出算法。☆21Updated 2 years ago
- ExStudPE Visual Tools 是一个扩展StudPE、LordPE等软件的用于PE(32位)、PE+(64位)、NE、Elf(32位)、Coff、Lib格式二进制可执行目标文件(*.exe、*.dll、*.ocx、*.so、*.lib、*.obj、*.exp等…☆54Updated 5 years ago
- 粗暴地枚举管理内核的WFP对象。 Manage kernel WFPs in a brutal way.☆27Updated 7 years ago
- shellcode注入测试工具☆50Updated 5 years ago
- windows 黑客技术编程技术详解配套的代码资源☆15Updated 5 years ago
- 内核级ARK工具。☆59Updated 8 years ago
- PEBFake(修改PEB 伪装当前进程路径、参数等)☆51Updated 4 years ago
- Changes handle's access rights using DKOM with a vulnerable driver☆25Updated 7 years ago
- ☆27Updated 6 years ago
- 此目录收集整理反调试方法☆74Updated 3 years ago
- ☆38Updated 6 years ago
- 逆向小红伞杀毒软件驱动——avkmgr☆70Updated 7 years ago
- intel vt-x hypervisor ept☆25Updated 5 years ago