HyperPlatform

Monitoring & controlling kernel-mode events by HyperPlatform: Using VT-x with EPT technologies to provide new must-have tools for reverse-engineering. We presented a HyperPlatform, which is an advanced system monitoring platform for Windows Operating System (OS). Using Intel VT-x and Extended Page Table (EPT) technologies, this platform provides speedy monitoring of various events. HyperPlatform is hidden and resilient to modern anti-forensics techniques and can be easily extended for day-to-day reverse engineering work.[…]

http://igorkorkin.blogspot.com/2016/06/monitoring-controlling-kernel-mode.html
https://github.com/tandasat/HyperPlatform

See-also:

https://firmwaresecurity.com/2016/04/30/eopmon-eop-detector-for-intel-vt-x/

 
