-
Notifications
You must be signed in to change notification settings - Fork 249
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add NtQuerySystemInformation Hook #4
Labels
enhancement
New feature or request
Comments
Good idea. We will review this at a later time. |
This has been reviewed. This requires a DLL. This has been accepted and will be implemented in a later version. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Some malware samples hide themselves from process lists by hooking the NtQuerySystemInformation function. I have not written this myself, but if any ideas are needed, this is one of them. I do not have my own code to contribute for this, so I will provide you with a link for reference.
Windows API Hooking - Hide Process from Task Manager tutorial
The text was updated successfully, but these errors were encountered: