http://www.cnblogs.com/BoyXiao/archive/2011/09/04/2166596.html
代碼注入之遠程線程篇
http://www.cnblogs.com/BoyXiao/archive/2011/08/11/2134367.html#2786089
SSDT Hook實現內核級的進程保護
http://www.cnblogs.com/hongfei/p/3162546.html
SSDT HOOK ZwOpenProcess(SSTD HOOK掃盲代碼)
http://bbs.pediy.com/archive/index.php?t-93984.html
過 DNF TP 驅動保護(一)
http://www.cnblogs.com/BoyXiao/archive/2012/06/09/2542831.html
過 DNF TP 驅動保護(二)
http://www.cnblogs.com/BoyXiao/archive/2012/06/12/2545816.html
SSTD查看工具:
xuetr(xp,win7都可以)或icesword(僅限XP)
SSTD HOOK Monitor
Windbg