Professional.Rootkits.Subverting.the.Windows.Kernel [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

Professional.Rootkits.Subverting.the.Windows.Kernel [Electronic resources] - نسخه متنی

Greg. Hoglund

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید







Index

[SYMBOL]
[A]
[B]
[C]
[D]
[E]
[F]
[G]
[H]
[I]
[J]
[K]
[L]
[M]
[N]
[O]
[P]
[R]
[S]
[T]
[U]
[V]
[W]
[Z]

RaiseCPUIrqlAndWait function

Raw network manipulation

binding to interfaces

bouncing packets

forging sources

on Windows XP

sending packets

sniffing

Read-only table access

ReadFile function 2nd

Reading ports

Reboots

from keyboard controllers

surviving

recvfrom function

Registering

for surviving reboot

protocols

Registers

control

latching between

Registry

for injecting DLLs into processes

key detection

operating system version queries in

RegOpenKeyEx function

RegQueryValue function

RegQueryValueEx function 2nd

Relative Virtual Addresses (RVAs)

Remote command and control 2nd

Remote servers

connecting to

sending data to

Remote shells

Remote threads

Reordering of instructions

REQINFO structure

Rerouting control flow

ResponseToArp function

Restarting rootkits

Returns, far

Ring Zero

Rings 2nd

RootkitDispatch function

RootkitRevealer tool

Rootkits

and software exploits

characteristics of

detecting

behavior detection

guarding-the-doors approach

looking for hooks

scanning rooms

for kernel

history of

legitimate uses of

loading

offensive technologies

operation of

purpose of

restarting

vs. exploits

vs. viruses

RtlCopyMemory function

RtlGetVersion function

Run key

Runtime address fixups

Runtime patching

detour.
[See Detour patching]

jump templates

variations

RVAs
[See Relative Virtual Addresses]


/ 111