My former employer was so so nice that he allowed me to publish this build. Btw I seek new job
Download
Mirror
Changelog:
- add support of Windows 1909
- add support of new RFG relocs. As usually kernel itself has bad IMAGE_DYNAMIC_RELOCATION_TABLE - it contains zero type somewhere inside IMAGE_DYNAMIC_RELOCATION
- add dumping of WMI_LOGGER_CONTEXTs for InfinityHook detection (with -wmi option)
- add dumping of PsAltSystemCallHandlers
- add dumping of PoPdcCallbacks (with -pofx option)
- add dumping of PpmPlatformStates (with -ppm option)
- add dumping callbacks registered with RtlRegisterFeatureConfigurationChangeNotification function
Комментариев нет:
Отправить комментарий