1707b301ff
Generalize the API for common scan and return json
2020-06-17 01:47:20 +07:00
7be3b2fc05
General updates
...
Driver is renamed to lpus.sys
Pdb will be downloaded into %APPDATA%/nganhkhoa/lpus
And some little fixes
2020-05-20 15:02:09 +07:00
dae10a5312
multiple binary and code refactor
2020-05-19 03:52:18 +07:00
cbc3cb7e15
update new design in code call, no test build
2020-05-04 11:40:31 +00:00
d0c0161b06
find eprocess offset based on CreateTime
2020-02-27 08:25:39 +07:00
d08852af55
finish device io call to scan
2020-02-27 03:27:54 +07:00
8928e4e4cb
add device io call
2020-02-24 22:53:30 +07:00
71b59861c5
add driver to registry
2020-02-23 03:06:01 +07:00
30da3fe60a
load driver code
2020-02-23 02:04:09 +07:00
1bf07214ef
first init
...
Working pdb download and parser
- Read ntoskrnl.exe for GUID
- Download corresponding pdb file
- Parse for global symbols
- Parse for offset in structs
(Only symbols and structs that help with finding
NonPagedPool{Start,End/First,Last}[Va] are parsed)
2020-02-15 17:39:45 +07:00