While researching Kaspersky components, I thought it was an interesting idea to write a custom project that lets me hook system calls by using Kaspersky's hypervisor to take a closer look at what it is doing.
Instructions about how to compile and use are in this repo: iPower/KasperskyHook...
I was inspired by @timb3r from his SysCall Dumper. That's why I wanted to make an "easy" syscall for creating a file. Took me about 5 hours to figure out how this works :ROFLMAO:
#include <Windows.h>
#include <stdio.h>
#include "windows_struct.h"
int createTestFile()
{
HANDLE hCurtProc =...