Exetools  

Go Back   Exetools > General > Community Tools
Reload this Page ScyllaHide
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #11  
Old 09-08-2015, 02:09
Carbon Carbon is offline
VIP
  
Join Date: Sep 2013
Posts: 113
Rept. Given: 7
Rept. Rcvd 189 Times in 48 Posts
Thanks Given: 0
Thanks Rcvd at 60 Times in 19 Posts
Carbon Reputation: 100-199 Carbon Reputation: 100-199
Win10 has more surprises to offer:

https://ntquery.wordpress.com/2015/09/07/windows-10-new-anti-debug-outputdebugstringw/

I also see some weird behavior of NtQueryInformationProcess. You can query ProcessBasicInformation with different buffer sizes.

size = 24 -> normal behavior, expected size like in all windows editions
size = 32 -> extended information? You can get more information...
__________________
My blog: https://ntquery.wordpress.com
Reply With Quote
The Following User Gave Reputation+1 to Carbon For This Useful Post:
Loki (09-08-2015)
The Following 4 Users Say Thank You to Carbon For This Useful Post:
besoeso (09-08-2015), elephant (11-15-2015), Loki (09-08-2015), Storm Shadow (12-11-2015)
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
ScyllaHide HookLibraryx86.dll phroyt General Discussion 3 10-25-2019 09:48
ScyllaHide Detector Lueilwitz Source Code 2 08-07-2019 06:32


All times are GMT +8. The time now is 05:28.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )