Hardware Breakpoints for Malware

Our task is to trivially hook functions and divert the code flow as needed, and
finally remove the hook once it is no longer need...

Check out my article for Vx-Underground, Black Mass Volume 1, where I discuss various aspects and use cases of hardware breakpoints, including userland evasion techniques (TamperingSyscalls2). You can find the associated code on my GitHub, with C and C++ implementations.


