Normal view

There are new articles available, click to refresh the page.
Yesterday β€” 4 December 2022Windows LPE

Debugging Protected Processes

By: itm4n
3 December 2022 at 23:00
Whenever I need to debug a protected process, I usually disable the protection in the Kernel so that I can attach a User-mode debugger. This has always served me well until it sort of backfired. The problem with protected processes The problem with protected processes, when it comes to debugging, is basically that they are… protected. Jokes aside, this means that, as you know, you cannot atta...