NtQuerySystemInformation Hide Process Driver src (Any tips?)
Hi, here is my current source. It works fine; however, I am just wondering if any cleanup is needed, or general advice on any security holes with this. Is it easy for an anti-rootkit to detect this...
Help, trying to hook ntopenprocess in console app
HANDLE hHandle = INVALID_HANDLE_VALUE; DWORD dwPid = NULL; DWORD dwClient = NULL; DWORD dwLocalPlayer = NULL; Call; typedef SHORT (WINAPI *TNtOpenProcess)(HANDLE ProcessHandle, LONG AccessMask,...
How to monitor process execution in Windows?
I am trying to create an application which will terminate any process that is not in its white-list, something like antivirus programs. I need to terminate the process before it is run, just like for...
Header file for Windows user mode and kernel mode inline hooking
This is my new API hooking header that can be used in both user mode and kernel mode. It contains some functions that help you to set up both user mode and kernel mode inline hooks. I named it...
Extract signature from exe, sign another exe
How to do this? What API must I use? Put me on the right way, I have no idea.
Python polymorphic code
This code was written a little while ago by myself as a demonstration of polymorphic Python code. The first part is PolyV.py: a little Python script that takes the code and self-propagates itself...
List Processes using NtQuerySystemInformation
#include "stdafx.h" #include <Windows.h> #define out(a,b) if(b) printf(a,b) #define NT_SUCCESS(x) ((x) >= 0) #define STATUS_INFO_LENGTH_MISMATCH 0xc0000004 #define...
Hide process with NtQuerySystemInformation hook
When you open Task Manager, you see the list of running processes. This list is queried by calling the NtQuerySystemInformation function. When this function is called with SystemProcessInformation (5)...
Using NtQuerySystemInformation to get process list
Hi, I am struggling to grasp the concept of using NtQuerySystemInformation to grab all running processes' PIDs or names. Can anyone here help?
Windows Driver Development Tutorial
Driver Development Tutorial Part I: Introduction to Drivers + Hello World Example. User-Mode vs. Kernel-Mode Programming: There are a number of differences between drivers and user-mode programs (such as...
Python Injector
Python injector is a little GUI program that lets you choose a process and then inject a Python interpreter into it. It works on Windows 7 with 32 bit processes and is written in Python 2.7. Below is...
What am I doing wrong?
I'm trying to list all running processes in Windows #pragma comment(lib,"Psapi") #include <windows.h> #include <stdio.h> #include <psapi.h> #include <conio.h> #include...
List running processes
#pragma comment(lib,"Psapi") #include <windows.h> #include <psapi.h> #include <conio.h> #include <iostream> #include <assert.h> using namespace std; //Multiple...
C code for minesweeper
Hello, newbie here. Can you help me to create a minesweeper using C code?
[NASM] Position independent self replicating code written in assembly language
Recently, I was studying self replicating code, so I wrote the following code for testing. BITS 32 begin: push ebp mov ebp,esp push ebx push esi push edi call start start: pop ebx sub ebx,start...
How can I compile this Windows project?!
Hello everyone, I have been trying to compile a sample from CodeProject which demonstrates process execution monitoring in Windows, for days now, to no avail yet! I get lots of irrelevant compiler...
libemu and PE instead of simple shellcode
Hi guys, weeks ago I came across this project called libemu. What it basically does is offer an x86 emulation layer to detect (and analyze) shellcode (example code here)... something like...
Install BHO (Browser Helper Object) in Internet Explorer
Good day, I am searching for a method to install a BHO in Internet Explorer without admin rights. On the internet you can find many sources on how to install COM objects (a BHO is the same) without admin rights, but a BHO...
Formgrabber source (C++)
Hi everyone, I am giving out a formgrabber written in C++. It works like a charm for me. $Chrome / Chrome SSL $Firefox | Firefox SSL $Internet Explorer | Internet Explorer SSL It can be useful...
NTFS File System
How to get the MFT size by reading the file system, and how to get the total sectors of an HDD using INT 13h?