-
I trace the userdump in NTDDK.It using RtlImageNtHeader to search the NTOSKRNL spaces, to find its export functions.Does anyone know another...全文
◆
◆
-
lyabcd:NT Kernel level hooking There are several methods for achieving hooking of NT system services in kernel mode. The most popular interception...(2002-08-13 10:11)
