Since Windows 64b, PatchGuard has been of great interest in Windows security.
We have summarized our research done using REVEN in a white-paper:
This paper will present a complete overview of PatchGuard mecanisms, from the initialization to the Blue Screen Of Death, and insights about how we implemented a driver able to disable it. Especially, this research has been conducted using timeless analysis with Tetrane’s tool REVEN. Not a single debugger was used during this entire analysis.
Get the white-paper: https://blog.tetrane.com/2019/Analysis-Windows-PatchGuard.html
Comments
0 comments
Please sign in to leave a comment.