【轉】Rootkit相關連結
categories:
- Homebrew haxoring of a different type
- Contains links for both NDIS and TDI drivers.
links:
Anti-trojan.org - The worlds largest trojan information website. Information on over 1000 different trojans. (3096 hits)
antiserver rootkit collection - a small archive that includes backdoored services (2540 hits)
Bochs - An x86 emaulator w/ source, like VMWare (844 hits)
brilliant trick to program ROM chips - (1007 hits)
Cain and Abel + other tools - Cain & Abel is a password recovery tool for Microsoft Operating Systems. (380 hits)
DJ CMOS PhNeutral - Keith has informed us that these are the worst mixes of his entire life. This is mostly because of FX’s amazing hospitallity and allowing Keith to “enjoy” the bar free of charge. Keith has requested that we remove the files but don’t worry, we told him to fuck himself. (887 hits)
Edge Engine - The CMS Engine used for this website (415 hits)
EXEtools - (1974 hits)
exploit archive - yet another, w/ search (2052 hits)
Finding Hidden Processes and Terminate It - “Finding Hidden Processes” is a tool For Finding Hidden Processes in our Systems. (647 hits)
Free Computer Books, Tutorials & Lecture Notes - A whole archive of about everyhting and anyhting computer related. Lots of good referance material. (1111 hits)
Generating small executables with Visual C++ - Nice tutorial on how to create small exe’s with visual c++. (1273 hits)
Getting WinDBG and VMWare to play together - (710 hits)
Good info on filesystem drivers - (916 hits)
google hack: browsable directories - this search string returns sites w/ browsable root dir’s (2734 hits)
google hack: finds user auth files - find files called “auth_user_file.txt” - you can crack hashes (1747 hits)
GoogleHack-Getting ASP Pages For jection Check - This hack throws you with a search how to get direct ASP pages index for injection check (277 hits)
Hacking DNA at home - Hacking code getting old? Try DNA instead. This resource will help you build super-virulent E. Coli (be careful!) and grow glow-in-the-dark house plants. (700 hits)
http://www.k-otik.com/exploits/ - exploit archive (1480 hits)
Interrupt Hooking - (1164 hits)
Just check it out - apihooks and others (957 hits)
Kernel Security Therapy Anti-Trolls (KSTAT) - (self describes:) Kernel Security Therapy Anti-Trolls (KSTAT) is a very powerful security tool to detect many kinds of rogue kernel rootkits. It analyzes the kernel through /dev/kmem and detects modified syscalls as well as various other problems. This version runs on 2.4.x only, and can assist in finding and removing trojan LKMs. It supports network socket dumps, sys_call fingerprinting, stealth module scanning, and more. (1136 hits)
Matt Pietrek’s homepage - (1746 hits)
Microlib - machine simulator (727 hits)
neworder security references - good i guess for the newbie, helped me out with some questions and thought maybe it would help out. great community aspect thought, has alot of references to different sites that they host, like code.box.sk and junk like that. not just for a weird wanna be hacker. (386 hits)
Nice article on API apying technique - Yariv Kaplan’s article, a good one (1145 hits)
Nmap website - One of the best network mapping and port scanning tools that is freely available for many operating systems (342 hits)
Open Reverse Code Engineering - Open Reverse Code Engineering community was created to foster a shared learning environment among researchers interested in the field of reverse engineering. Heavily modeled on Rootkit.com, OpenRCE aims to serve as a centralized resource for reverse engineers (currently heavily win32/security/malcode biased) by hosting files, blogs, forums articles and more. (1081 hits)
Packetstorm Directory Tree - (991 hits)
PearPC - PowerPC machine emulator (603 hits)
QEMU - Another x86 machine emulator (543 hits)
RCE Messageboards - A set of message boards dedicated to reverse code engineering issues ranging from newbie to advanced. There is also a RCE tool discussion board and a board dedicated to cryptographics. (546 hits)
ReactOS - ReactOS is an OS based on windows nt, the source code contains allooooot of info about nt kernel, how windows boot, …. (1050 hits)
rootkit archive - (2363 hits)
Rootkit’s Unloader - t’s tool for unmapping the modules and loaded Rootkit’s DLLS. It also can terminate the Threads and processes. For Unloading the Rootkits first you must know your target’s DLL After finding these Processes you can terminate the Library. Tip: Before selecting this you must close and save your Program’s Data, because this Program erasing all Threads and Maybe Your Lose your data .TerminateThread is a dangerous function that should only be used in the most extreme cases. You should call TerminateThread only if you know exactly what the target thread is doing, and you control all of the code that the target thread could possibly be running at the time of the termination. Down load’s Link Full Source Code with Binary https://www.rootkit.com/vault/neocrackr/Rootkits_Unloader.rar (286 hits)
rootkit.nl - rootkit detector (1512 hits)
Rootkits: The “r00t” of Digital Evil - Viruses, worms, trojans, spyware and rootkits abound in the maelstorm of modern malware. Rootkits easily stand out as the greatest threat to site security. To combat this growing problem, administrators need to understand how they work. (1014 hits)
Russian Rootkits Project - Russian Rootkits Project. (89 hits)
Samuel Jackson Sound Board - this is funny, you MUST try it (1641 hits)
The Injecting Dlls Into Processes - this is a too for Injecting Dlls Into Processes , free source code VB 6 + Exe Binary (169 hits)
tripatourium - (899 hits)
Universitas Virtualis - Universitas Virtualis offers with it’s own powerful bibliotheca system a comprehensive knowledge base for topics like Algorithms, Software-Engineering, Software-Protection and Reverse Code Engineering, Cryptography and Cryptanalysis. The Bibliotheca offers access to important research papers and grey papers to provide a wide range of available knowledge. (909 hits)
worms archive - (1333 hits)
XEN - The Xen virtual machine monitor (814 hits)
XFOCUS (they have english version) - looks to be a good site (1297 hits)
zone-h 0day rumor - a list with alot of noise and very little signal, but interesting none the less (1404 hits)
[ X- Zero-Day ] - The dumping ground for Zero-Day Exploits.. The following entries are active zero-day vulnerabilities. Exploits that do not have any published vendor-supplied patch. (135 hits)
Windows Rootkit相關連結
[ 1] Avoiding Windows Rootkit Detection/Bypassing PatchFinder 2 - Edgar Barbosa[2004-02-17]
http://www.geocities.com/embarbosa/bypass/bypassEPA.pdf
[10] Hiding Window Handles through Shadow Table Hooking on Windows XP - metro_mystery[2004-06-12]
http://www.rootkit.com/newsread_print.php?newsid=137
[15] Byepass Scheduler List Process Detection - SoBeIt <[email protected]>[2004-04-25]
http://www.rootkit.com/newsread_print.php?newsid=117
[16] Detecting Hidden Processes by Hooking the SwapContext Function - worthy[2004-08-03]
http://www.rootkit.com/newsread_print.php?newsid=170
轉載原創文章請註明,轉載自:Lin’s空間|Only[http://clin003.com]
你有啥想法就說出來吧,只要不是ad就不會k掉你的o(∩_∩)o...哈哈
相關推薦
【轉】Rootkit相關連結
October 21, 2007 – 15:05 categories: - Homebrew haxoring of a different type - Contains links for both NDIS and TDI drivers. links: Ant
【轉】Sqlserver通過連結伺服器訪問Oracle的解決辦法
一、建立sqlserver連結服務(sqlserver連結oracle) 首先sqlserver 連結oracle可以通過兩個訪問介面: “MSDAORA” 和“OraOLEDB.Oracle” 1、“MSDAORA”訪問介面是由Microsoft OLE DB Provider for O
【轉】正則化相關鏈接
blog class bsp src rop 折疊 img detail link 正則化,歸一化的概念 基於Matlab介紹正則化方法 正則化方法:L1和L2 regularization、數據集擴增、dropout 基於Matlab介紹機器學習中的正則化,理解
常用牛人主頁鏈接(計算機視覺、模式識別、機器學習相關方向,陸續更新。。。。)【轉】
short psu works charles 貝葉斯 learning 數學 ocr 相關 轉自:http://blog.csdn.net/goodshot/article/details/53214935 目錄(?)[-] The Kalman
Linux C 創建目錄函數mkdir相關【轉】
ssi sys earch inux 文件處理 null csdn director c語言 轉自:http://blog.csdn.net/fallenink/article/details/8480483 原文地址:http://sharp2wing.iteye.co
素數相關【轉】
size mos bool 一個數 style ring gif prime || 1-n之間有多少個素數 10的1次方 410的2次方 2510的3次方 16810的4次方 122910的5次方 959
【轉】Html 按鈕button加超連結
1.頁面轉向新的頁面: <input type="button" onclick="window.location.href('連線')"> 2.需要開啟一個新的頁面進行轉向: <input type="button" onclick="window.open('連線')">
連結串列、頭指標、頭結點【轉】
圖1為線性表(ZHAO, QIAN, SUN, LI, ZHOU, WU, ZHENG, WANG)的邏輯狀態。頭指標 指示連結串列中第一個結點(即第一個資料元素的儲存映像)的儲存位置。同時,由於最後一個數據元素沒有直接後繼,則線性連結串列中最後一個結點的指標為“空”(N
連結串列翻轉的圖文講解(遞迴與迭代(直接迴圈翻轉指標)兩種實現)【轉】
連結串列的翻轉是程式設計師面試中出現頻度最高的問題之一,常見的解決方法分為遞迴和迭代兩種。最近在複習的時候,發現網上的資料都只告訴了怎麼做,但是根本沒有好好介紹兩種方法的實現過程與原理。所以我覺得有必要好好的整理一篇博文,來幫忙大家一步步理解其中的實現細節。 我們知道
RDO、SAD、SATD、λ相關概念【轉】
轉自:http://zmshy2128.blog.163.com/blog/static/2544637200658104210/ 率失真優化概述: 率失真優化(Rate D isto r t i on Op t i m ized)策略是在率失真理論[3 ]的基礎上提
伺服器五大相關基礎知識【轉】
1 雙路 問題:常聽說雙路至強XX式伺服器,最近又出現了雙核至強,都是兩個CPU,是不是雙路等於雙核? 答案:不是 無論伺服器的單路、雙路、四路乃至八路,其中的“路”都是指伺服器物理CPU的數量,也就是伺服器主機板上CPU插槽的數量。 最近出現的雙核處理器,是在一顆
PHP輸入流 php://input 相關【轉】
為什麼xml_rpc服務端讀取資料都是通過file_get_contents(‘php://input', ‘r')。而不是從$_POST中讀取,正是因為xml_rpc資料規格是xml,它的Content-Type是text/xml。php://input碰到了multipart/form-data在使用xm
linux核心TCP相關引數解釋【轉】
來自:http://os.chinaunix.net/a2008/0918/985/000000985483.shtml tcp_syn_retries :INTEGER 預設值是5 對於一個新建連線,核心要傳送多少個 SYN 連線請求才決定
cdev結構體及其相關函式 【轉】
1、在Linux2.6核心中一個字元裝置用cdev結構來描述,其定義如下: struct cdev { struct kobject kobj; struct module *owner; //所屬模組 cons
__VA_ARGS__相關【轉】
自定義除錯資訊的輸出 除錯資訊的輸出方法有很多種, 例如直接用printf, 或者出錯時使用perror, fprintf等將資訊直接列印到終端上, 在Qt上面一般使用qDebug,而守護程序則一般是使用syslog將除錯資訊輸出到日誌檔案中等等... 使用
【轉】計算機視覺、機器學習相關領域論文和原始碼大集合
一、特徵提取Feature Extraction: · PCA-SIFT [2] [Project] · Affine-SIFT [3] [Project] · Affine Covariant Features
陣列、連結串列、棧、佇列和STL【轉】
陣列 陣列是一種最基本的資料結構,它是記憶體上的一塊連續儲存空間。正因如此陣列的隨機訪問很方便。但陣列也有其固有的限制,大小分配後不能改變。 STL中的陣列 STL中的Array是靜態陣列模板,就是我們所說的陣列。使用方法如下。 std::arra
【轉】硬碟損壞不能識別等相關知識(一)
硬碟修復真經 誤區、缺陷、引數與低格 ·跳出硬碟認識的誤區 ·修復需要弄明白的基本概念 ·深入瞭解硬碟引數 ·硬碟修復之低階格式化 跳出硬碟認識的誤區 1995年,偶然在同事那裡見到一個陌生的物件,好奇地問那是什麼,朋友答:“這是電腦用的硬碟!”這就是高朋第一次認識硬碟的經過。 幾年下來,單位的電腦
python編程(python開發的三種運行模式)【轉】
阻塞 data tail 驗證 目錄 pro 什麽 read bus 轉自:http://blog.csdn.net/feixiaoxing/article/details/53980886 版權聲明:本文為博主原創文章,未經博主允許不得轉載。 目錄(?)[-]
【轉】集群/分布式環境下5種session處理策略
學習 原理 memcache 可選 ret 當前 memcach uil 服務器 轉載至:http://blog.csdn.net/u010028869/article/details/50773174 在搭建完集群環境後,不得不考慮的一個問題就是用戶訪問產生的sessi