Ring3 rootkits - Base

Simple example of ring3 rootkits , this is only an example of the base of ring3 rootkits it's not ready to use in good or bad way , there's also a list of api's the ring3 rootkits hits usually

/* do another hooks .. .> 
  # NtOpenProcess
  # NtTerminateProcess
  # GetExtendedTcpTable
  # NtQueryInformationProcess
  # RegEnumValue
  # FindNextFile
  # NtCreateFile
   ... Etc ...
*/

in this exmaple i have used my hook method 'uncHook' method to detour the api 
# Only OpenProcess api is hooked in this example .

Name		Name	Last commit message	Last commit date
Latest commit History 29 Commits
Release		Release
512px.jpg		512px.jpg
57px.jpg		57px.jpg
Funcs.h		Funcs.h
Hooks.h		Hooks.h
M8ARE7N.ipa		M8ARE7N.ipa
README.md		README.md
Settings.h		Settings.h
Source.cpp		Source.cpp
UNCROOT.sln		UNCROOT.sln
UNCROOT.v11.suo		UNCROOT.v11.suo
UNCROOT.vcxproj		UNCROOT.vcxproj
UNCROOT.vcxproj.filters		UNCROOT.vcxproj.filters
manifestMXB.plist		manifestMXB.plist
test2.php		test2.php
testing		testing

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Ring3 rootkits - Base

About

Releases

Packages

Languages

wes4m/R3R-BASE

Folders and files

Latest commit

History

Repository files navigation

Ring3 rootkits - Base

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages