===================================================
           kerberos spy v1.01 WIN2K\WINXP
                 by Rustem Fasihov
===================================================
0. Features
1. Thanx
2. New
3. Files list

0. Features

  0. All known spyes work as debuggers
     - kerberos not run program as debugger
  1. You can hook not only WinAPI function
  2. Plugin support thats give you unlimited control of functions
  3. Possible work as packed program loader.
  4. Programmed on assembler

Extract kerberos.zip to folder C:\kerberos
Spy report of program function calls appear in text *.rep file in
spyed program folder. For better view this file use fixed width
font (Courier New, Terminal ...).

If spy fails - try to decrease count of hooked functions
  - very effective solution

1. Thanx
To kero in kerberos user interface modification.
Kerberos - interface - modification
        1) + drag'n'drop ( -> "File")
        2) + fill "Process ID" Editbox (if process has visible window):
                     a) if your mouse has wheel
                    kerberos window -> foreground,
                    place cursor over needful window and roll mouse wheel
             b) else
                    "Process ID" Editbox -> focus,
                    place cursor over needful window and press key F8

+critical pieces of code optimized and now speed of spy work more faster
+ke_plug.asm - plugin template small changed (look it)
+module name show !!!
+bug fixed - in ADDRESS table calculation (now RET_ADDRESS)
+bug fixed - Windows version check in ke_load.exe
+function databse corrected
+string identification !!!
+almost all of the API functions can be hooked
(exept functions smaller than 5 bytes)

3. Files:
        ke_load.exe - kerberos spy injector
        ke_core.dll - kerberos spy core
        ke_spy.xt   - kerberos spy database
        ke_plug.dll - kerberos spy plugin

(C)Rustem Fasihov 2004-2005
<fasihov@mail.ru>

下载:
http://wasm.ru/baixado.php?mode=tool&id=313

[培训]内核驱动高级班，冲击BAT一流互联网大厂工作，每周日13:00-18:00直播授课