Update scan algorithm

- Scan _ETHREAD with PoolTag='Thre' - Parse pid/ppid from _EPROCESS - Build process tree from output log - Static link for machine missing Windows C++ dev environment
2020-06-09 04:13:15 +07:00
parent 8c642f6ba0
commit 72a947ccd7
6 changed files with 329 additions and 19 deletions
--- a/.cargo/config
+++ b/.cargo/config
@ -0,0 +1,2 @@
+[target.x86_64-pc-windows-msvc]
+rustflags = ["-Ctarget-feature=+crt-static"]