Rootkits: Subverting the Windows Kernel

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [Z]

GainExclusivity function

Gates     cell     interrupt

     task and trap

GDTs [See Global Descriptor Tables]

GetDrivesToHook function

GetListOfModules function GetLocationOfProcessName function

GetModuleFileNameEx function GetModuleInformation function

GetProcAddress function 2nd GetVersionEx function Global Descriptor Tables (GDTs)     dump of     tricks using

GORINGZERO instruction

Group elevation with DKOM

     adding SIDs to tokens

     finding tokens

     log events in

     modifying tokens

Guarding-the-doors approach