-
-
[下载]又一个新的检测ROOTKIT的小工具
-
2007-11-10 23:42
9665
-
SafetyCheck is a Tool of Detection RootKit,it is Freeware It only runs on 32bit Windows 2K or 32bit Windows XP.
Release SafetyCheck 1.7 beat
Main Parts:
Hidden Processes Detection
Detect hidden process and process module and thread,Kill process
Hidden Kernel Module Detection
Detect hidden kernel module
SSDT Hooks
Detect and Restorer SSDT Hooks
Code Hooks Detection
Detect Code Hooks
Registry Tool (Temporarily no support operate)
Detect hidden registry
Files Tool
Detect hidden files (Temporarily only support NTFS ,no support operate ,no support ADS)
Analyze big directory possible is slow (as System32 directory)
Environment supported by test version:
32bit Windows 2000
32bit Windows XP
Single CPU without hyperthread
Don't run SOFTICE
http://yyuyao.googlepages.com/home
http://yyuyao.googlepages.com/SafetyCheck1.7Beta.rar
国人写的ARK,不过居然在RKU作者面前说了一句
yes, very simple,myself like RKU。
不过我这里蓝屏了。算是RKU的蓝版。
[培训]二进制漏洞攻防(第3期);满10人开班;模糊测试与工具使用二次开发;网络协议漏洞挖掘;Linux内核漏洞挖掘与利用;AOSP漏洞挖掘与利用;代码审计。
