▍1. Windows-Rootkits
Rootkit techniques are receiving growing attention in the information security field, and new anti-rootkit techniques keep emerging. Under pressure from the various anti-rootkit tools, conventional rootkit hiding techniques can hardly stay hidden. Based on a systematic analysis and in-depth study of traditional kernel-level rootkit hiding techniques, this work proposes a rootkit hiding framework that combines three techniques: relocation of the driver module as a whole, kernel thread injection, and deep inline hooking of IRPs.