SDT Cleaner

The SDT Cleaner allows you to clean hooks installed by Anti-Virus and Firewalls.

    iPhoneDbg Toolkit

A set of tools to delve into iPhone Binary Debugging.

    HeapDraw

HeapDraw/HeapTracer is a tool to visualize the evolution of the heap during the life of an application. We internally use this tool when writing exploits for heap corruption vulnerabilities.

    PSH Toolkit

This toolkit contains tools to list and modify Windows logon sessions stored by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with their corresponding NTLM credentials (e.g., users remotely logged in through Remote Desktop/Terminal Services), and also to change the current username, domain name, and NTLM hashes at runtime (YES, PASS-THE-HASH ON Windows!).

    UHooker

A tool to intercept and manipulate the execution of programs. It enables the user to insert hooks at function calls and arbitrary addresses within the executable file in memory. The hook handlers are written in Python and can be changed at runtime without restarting the inspected process.

    Pcapy

Capture network packets from your Python programs on UNIX and Windows platforms.

    Impacket

Easily dissect and build network protocols in object-oriented Python.

    InlineEgg

A platform-independent toolbox for writing assembly code in Python.

    MSyslog

A replacement for the traditional syslog daemon featuring cryptographic log protection and database backends.


What is the SDT Cleaner?

 

SDT Cleaner is a tool intended to remove hooks from the SSDT (System Service Descriptor Table).

  • The SDT Cleaner allows you to clean hooks installed by Anti-Virus and Firewalls.
  • In this first release, the tool tries to collect information about your running kernel and then switches to kernel land; if there are any hooks in the SSDT, it replaces them with the original entries.

Requirements

  • In this first release, you'll just need Windows XP.
  • I'm planning to add support for Windows 2000 / 2003.

Binaries and Source Code

Licensing

  • SDT Cleaner is distributed under a slightly modified version of the Apache Software License. Feel free to review it here and compare it to the official Apache Software License.

Known Issues


The following features are not working yet.

  • Running in VMware.
  • Cleaning hooks from functions.
  • Windows 2000 / 2003 / 2008 / Vista Support.

Contact Us

Whether you want to report a bug, send a patch or give some suggestions on this package, drop us a few lines at oss@. To contact me, Nahuel C. Riva, the author, you can reach me at nriva@ .

 

Core Security Technologies © 1998-2008  |  All rights reserved