Can someone for the love of god tell me what's wrong with my WinDbg? All my symbols are loaded correctly. This callstack consists of ntoskrnl addresses, which, as I said, I _do_ have loaded symbols. "kb" command shows correct callstack. Just this sub-window isn't. What's wrong?!
February 17, 2025 at 10:04 PM
Can someone for the love of god tell me what's wrong with my WinDbg? All my symbols are loaded correctly. This callstack consists of ntoskrnl addresses, which, as I said, I _do_ have loaded symbols. "kb" command shows correct callstack. Just this sub-window isn't. What's wrong?!
vmi-rs 0.2 is out. It underwent a huge refactoring. OS components like Process, FileObject, Key, ... are now standalone objects.
Also, kernel crashdump support was added, so you can also use it as a kind of Volatility framework. But faster.
Example code:
github.com/vmi-rs/vmi/b...
Also, kernel crashdump support was added, so you can also use it as a kind of Volatility framework. But faster.
Example code:
github.com/vmi-rs/vmi/b...
github.com
February 4, 2025 at 7:47 PM
vmi-rs 0.2 is out. It underwent a huge refactoring. OS components like Process, FileObject, Key, ... are now standalone objects.
Also, kernel crashdump support was added, so you can also use it as a kind of Volatility framework. But faster.
Example code:
github.com/vmi-rs/vmi/b...
Also, kernel crashdump support was added, so you can also use it as a kind of Volatility framework. But faster.
Example code:
github.com/vmi-rs/vmi/b...
After 6 years, I made a blog thingy again.
This time about MmScrubMemory. An innocuous looking function that has bitten my ass several times in the last several years. And if you're developing a hypervisor, it might've bitten yours, too.
wbenny.github.io/2024-11-21-m...
This time about MmScrubMemory. An innocuous looking function that has bitten my ass several times in the last several years. And if you're developing a hypervisor, it might've bitten yours, too.
wbenny.github.io/2024-11-21-m...
MmScrubMemory | mindless-area
The Nemesis of Virtual Machine Introspection
wbenny.github.io
November 22, 2024 at 8:17 AM
After 6 years, I made a blog thingy again.
This time about MmScrubMemory. An innocuous looking function that has bitten my ass several times in the last several years. And if you're developing a hypervisor, it might've bitten yours, too.
wbenny.github.io/2024-11-21-m...
This time about MmScrubMemory. An innocuous looking function that has bitten my ass several times in the last several years. And if you're developing a hypervisor, it might've bitten yours, too.
wbenny.github.io/2024-11-21-m...