We used REVEN to record the Windows OS’ boot process, all the way from before the UEFI firmware transfers control to the boot process, to the kernel finally taking over.
This not only enables exploring code before a kernel debugger could even connect, but also brings the entire feature set of REVEN at hand: full symbols, memory history, framebuffer…
Comments
0 comments
Please sign in to leave a comment.