Applied Reverse Engineering: Crude T&E for Control-Flow Tracing
The idea of inducing faults with sentinels by patching code sections at runtime predates most of us — it’s one of the oldest tricks in systems programming. Fault injection for code tracing goes back to early software emulation and debugging in the 80s and 90s. Single-stepping via the trap flag dates to the 8086 (1976) […]
Experimenting with Object Initializers in Windows – See PG-compliance Disclaimer*
Overview In this article, I wanted to introduce a fun approach to performing functions similar to those enabled by Windows Object Callbacks but through an alternative means (experimentally). It’s well known that anti-malware, anti-cheat, and generic monitoring tools on Windows systems often use these callbacks. However, their usability is limited to parties with signed modules, […]
Fun with another PatchGuard-compliant Hook
Overview In this article, we’ll be covering a fun alternative to the treasured InfinityHook from Nick Peterson. This alternative method was discovered by Aidan Khoury following the release and subsequent patch of the EtwpGetCycleCount target by Microsoft without any acknowledgements to the original authors. This method has been tested from early Windows 10 to latest Windows […]