Driver-level process hiding.
Macro for easy hook/unhook. On X86 implementations of Zw* functions,
the DWORD following the first byte is the system call number,
so we reach into the Zw function passed as a parameter, and pull the
number out. This makes system call hooking dependent ONLY on the
Zw* function implement
Related download link:
//download.csdn.net/download/samllgo/3723797?utm_source=bbsseo
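
The stub layout described above can be read from user space, as in this added example (not code from the download or its author). It parses a Zw* stub to recover the system call number, and goes one step beyond the text by using that kind of index to audit a service table for entries that point outside the kernel image, which is what a hook of this kind leaves behind. The stub bytes, table values and image range are constructed sample data, and both function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define X86_MOV_EAX_IMM32 0xB8u /* opcode of "mov eax, imm32" */

/* Read the system call number from the start of an x86 Zw* stub.
 * Returns 0 on success, -1 if the stub is too short or does not begin
 * with "mov eax, imm32" (patched stub or a different layout). */
int zw_stub_syscall_index(const uint8_t *stub, size_t len, uint32_t *index)
{
    if (stub == NULL || index == NULL || len < 5 || stub[0] != X86_MOV_EAX_IMM32)
        return -1;
    /* The DWORD following the first byte, little-endian. */
    *index = (uint32_t)stub[1] | (uint32_t)stub[2] << 8 |
             (uint32_t)stub[3] << 16 | (uint32_t)stub[4] << 24;
    return 0;
}

/* Integrity check: count service-table entries whose handler address lies
 * outside [image_base, image_base + image_size). The index of the first
 * such entry is stored in *first_bad when any is found. */
size_t count_entries_outside_image(const uint32_t *table, size_t n,
                                   uint32_t image_base, uint32_t image_size,
                                   size_t *first_bad)
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++) {
        /* Subtraction form avoids overflow of image_base + image_size. */
        if (table[i] < image_base || table[i] - image_base >= image_size) {
            if (bad == 0 && first_bad != NULL) *first_bad = i;
            bad++;
        }
    }
    return bad;
}

/* Constructed sample data, not taken from any real system. */
#define SAMPLE_IMAGE_BASE 0x804D7000u
#define SAMPLE_IMAGE_SIZE 0x00200000u
const uint8_t SAMPLE_STUB[] = { 0xB8, 0xAD, 0x00, 0x00, 0x00, 0x8D, 0x54, 0x24, 0x04 };
const uint32_t SAMPLE_TABLE[] = { 0x80501000u, 0x80502340u, 0xF8A01000u, 0x805F0010u };

int main(void)
{
    uint32_t idx = 0;
    size_t first = 0;
    if (zw_stub_syscall_index(SAMPLE_STUB, sizeof SAMPLE_STUB, &idx) == 0)
        printf("syscall index: 0x%X\n", (unsigned)idx);
    size_t bad = count_entries_outside_image(SAMPLE_TABLE, 4, SAMPLE_IMAGE_BASE, SAMPLE_IMAGE_SIZE, &first);
    printf("%zu entries outside image, first at index %zu\n", bad, first);
    return 0;
}
```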