테크 맵

API 후킹의 모든 기술적 범주를 포함하는 테크 맵

 

Method	Object	Location	Technique		API
static	File	1) IAT 2) Code 3) EAT	X		X
dynamic	Process Memory 00000000 ~ 7FFFFFFF		A) Debug (Interactive)		DebugActiveProcess GetThreadContext SetThreadContext
			B) Injection (stand alone)	B-1) Independant Code	CreateRemoteThread
				B-2) DLL file	Registry(AppInit_DLLs) BHO(IE only)
					SetWindowsHookEx CreateremoteThread