While researching Kaspersky components, I thought it was an interesting idea to write a custom project that lets me hook system calls by using Kaspersky's hypervisor to take a closer look at what it is doing.
Instructions about how to compile and use are in this repo: iPower/KasperskyHook...
I was inspired by @timb3r from his SysCall Dumper. That's why I wanted to make a "easy" syscall for creating a file. Take me about 5 hours to figuare out how this work :ROFLMAO:
HANDLE hCurtProc =...