Free hooking software for windows

Hooker is a Global Key Hook (Spy) utility Hooker is a useful key hook (spy) utility that will come in handy.
Main features:
- stealth mode
- log encryption
- capturing of clipboard changes and currently used process
- log viewer
Version restrictions:
- Hooker shows it-self when started; Stealth mode deactivated when HotKey is pressed (without entering a password, because there is no Password for Public version).
Note: A personal version with your own password is available on request.

RootKit Hook Analyzer 3.02 helps you to avoid rootkits installed on your PC which hook the kernel system services. Kernel RootKit Hooks are installed modules that intercept the principal system services that all programs and the operating system rely on. Kernel hooks are out of fashion these days and not officially documented and considered deprecated by Microsoft. The pioneering heroes of the old days who discovered how to actually implement them have all adopted the new fashion of advising against using kernel hooks as a programming practice.

Often kernel hooks are unnecessary because there are documented ways that allow a programmer to achieve his goal. However in a lot of system tools such as monitoring and antivirus software, kernel hooks are the only available technique to get the difficult job done and thus an unavoidable necessary evil. Important is that if your kernel system services are hooked that you can find out which is the responsible software that makes use of these techniques. Inspired by all the discussions going on about the Sony CD protection rootkit, we have developed the RootKit Hook Analyzer.

Enhancements:

• Includes unspecified updates.

Boat Fishing 1.1.1 offers users a wonderful game in which you will be fishing on a boat. 2 minutes will be given and you need to catch as many fishes as possible. There are different types of fishes and they swim at different speeds and worth different scores. Press the left and right arrow keys to move the boat around, press the down arrow key to drop the hook, release the key to raise the hook.

Portmon is an application which monitors and displays all serial and parallel port activity on a system. It has advanced filtering and search capabilities that make it a powerful tool for exploring the way Windows works, seeing how applications use ports, or tracking down problems in system or application configurations.
Simply execute the Portmon program file (portmon.exe) and Portmon will immediately start capturing debug output. To run Portmon on Windows 95 you must get the WinSock2 update from Microsoft. Note that if you run Portmon on Windows NT/2K portmon.exe must be located on a non-network drive and you must have administrative privilege. Menus, hot-keys, or toolbar buttons can be used to clear the window, save the monitored data to a file, search output, change the window font, and more. The on-line help describes all of Portmons features.
Portmon understands all serial and parallel port I/O control (IOCTLs) commands and will display them along with interesting information regarding their associated parameters. For read and write requests Portmon displays the first several dozen bytes of the buffer, using . to represent non-printable characters. The Show Hex menu option lets you toggle between ASCII and raw hex output of buffer data.
The Portmon GUI is responsible for identifying serial and parallel ports. It does so by enumerating the serial ports that are configured under HKEY_LOCAL_MACHINE\Hardware\DeviceMap\SerialComm and the parallel ports defined under HKEY_LOCAL_MACHINE\Hardware\DeviceMap\Parallel Ports. These keys contain the mappings between serial and parallel port device names and the Win32-accessible names.
When you select a port to monitor, Portmon sends a request to its device driver that includes the NT name (e.g. \device\serial0) that you are interested in. The driver uses standard filtering APIs to attach its own filter device object to the target device object. First, it uses ZwCreateFile to open the target device. Then it translates the handle it receives back from ZwCreateFile to a device object pointer. After creating its own filter device object that matches the characteristics of the target, the driver calls IoAttachDeviceByPointer to establish the filter. From that point on the Portmon driver will see all requests aimed at the target device.
Portmon has built-in knowledge of all standard serial and parallel port IOCTLs, which are the primary way that applications and drivers configure and read status information from ports. The IOCTLs are defined in the DDK file \ddk\src\comm\inc\ntddser.h and \ddk\src\comm\inc\ntddpar.h, and some are documented in the DDK.
On Windows 95 and 98, the Portmon GUI relies on a dynamically loaded VxD to capture serial and parallel activity. The Windows VCOMM (Virtual Communications) device driver serves as the interface to parallel and serial devices, so applications that access ports indirectly use its services. The Portmon VxD uses standard VxD service hooking to intercept all accesses to VCOMMs functions. Like its NT device driver, Portmons VxD interprets requests to display them in a friendly format. On Win9x Portmon monitors all ports so there is no port selection like on NT.
Main features:
- Remote monitoring: Capture kernel-mode and/or Win32 debug output from any computer accessible via TCP/IP - even across the Internet. You can monitor multiple remote computers simultaneously. Portmon will even install its client software itself if you are running it on a Windows NT/2K system and are capturing from another Windows NT/2K system in the same Network Neighborhood.
- Most-recent-filter lists:: Portmon has been extended with powerful filtering capabilities and it remembers your most recent filter selections, with an interface that makes it easy to reselect them.
- Clipboard copy:: Select multiple lines in the output window and copy their contents to the clipboard.
- Highlighting:: Highlight debug output that matches your highlighting filter, and even customize the highlighting colors.
- Log-to-file:: Write debug output to a file as its being captured.
- Printing:: Print all or part of captured debug output to a printer.
- One-file payload:: Portmon is now implemented as one file.

LockDown is a handy program for use on windows 95, 98, and Me (although it also works under Windows NT, XP, 2000, and 2003 too) to reproduce the Lock Workstation feature of Windows NT, XP, 2000, and 2003.
Upon locking the workstation, the keyboard and mouse is completely blocked from sending a response to running programs. While under Windows NT, XP, 2000, and 2003 it is still possible to CTRL+ALT+DEL, even viewing the Task List wont help stop LockDown -- a computer reset is the only other way to unlock the computer than entering the correct password. With auto-start options, this handy tool provides added security for any Windows user.
Main features:
- Auto-lock feature (/autolock command-line parameter) permits locking on startup.
- Compact and easy to configure.
- Extremely high 128-bit password encryption makes it impossible to view or modify passwords outside of the LockDown configuration window.
- Low-level kernel hooking of mouse and keyboard blocks input to all programs, preventing Windows cool switch (ALT+TAB) and window selection.
- Quick locking at a keystroke (Win+L).
- Three different locking options makes it possible to block out screen contents while the computer is locked.