[Dailydave] Wrox: Professional Rootkits
Matt Conover
mconover at gmail.com
Wed May 9 01:39:39 EDT 2007
> This should be downloadable, but perhaps not printed out line
> for line. If you really want a disassembler, you'll also probably want
> an analyzer,
How about this one?
http://www.cybertech.net/~sh0ksh0k/projects_small/tDisasm.zip
The instruction analysis and code tracing is pretty extensive (especially in
this newer version) as demonstrated by (and the hooking code below):
http://www.cybertech.net/~sh0ksh0k/projects_small/tCodeTrace.zip
> and you'll want to do something cool with your analyzer
> in order to make your hooks "future-proof".
How about this one?
http://www.cybertech.net/~sh0ksh0k/projects_small/Hooking.zip
Give 'em a try.. these days I haven't had much time to extensively regress
test, so treat these as "snapshots"... but I believe these versions to be
pretty stable. Sending me an email is always the quickest way to get an
updated/stable version. Reporting any bugs is always appreciated.