Skip to content
/ unHooker Public
forked from wes4m/unHooker

Kernel (Ring0) - SSDT unhook driver

0 stars 9 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fengjixuchui/unHooker

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits

Driver

Driver

 
 

Loader/unHooker

Loader/unHooker

 
 

README.md

README.md

 
 

unHooker.exe

unHooker.exe

 
 

unHooker.sys

unHooker.sys

 
 

Repository files navigation

unHooker

Kernel (Ring0) - SSDT unhook driver this is the full code of unHooker project , the driver and the loader

  • What it does ? unhooking the any intlized ssdt hook , by reset the service pointer to the real one after retiving it from the 'ntoskrnl.exe' by the function OrginalAddress using the index of the service it do load the ntoskrnl and search for the pointer on it then passing it to the driver using cHook structer the driver disable the system write protection then edit the ssdt with the real pointer using the index of the service after that , it return the protection and continue working .

About

I have coded this source with help from my team friend simon (DPCODERS) coded before 6 months or more of releasing it here . just don't forget to credit if you use it :) .

About

Kernel (Ring0) - SSDT unhook driver

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C++ 71.0%
  • C 28.6%
  • Makefile 0.4%