The tool presented below tries to detect from remote if the target machine was compromised with the HACKER Defender rootkit. The tool connect to the remote host, and compares the reply to several known replies. The rootkits that can be detected by the tool are: HACKER Defender v1.0.0 and below.
rootkit技术,欢迎下载,英文书名:rootkits:Subverting the Windows Kernel
计算机安全图书中第一本关于终极后门程序——Rootkit的详尽指南!
世界级软件安全专家、rootkit.com创始人Greg Hoglund教您全面掌握rootkit,提升自己的安全防范能力
This material is not only up-to-date, it defines up-to-date. It is truly cutting-edge. As the only book on the subject, rootkits will be of interest to any Windows security researcher or security programmer. It s detailed, well researched and the technical information is excellent. The level of technical detail, research, and time invested in developing relevant examples is impressive.
