From 449d3876dda4c851b2f0316cc56ce14f9ac79c24 Mon Sep 17 00:00:00 2001
From: mether049 <cstt17009@g.nihon-u.ac.jp>
Date: Thu, 12 Mar 2020 21:18:56 +0900
Subject: [PATCH] Update malware-tech_ref_and_memo.md

---
 malware-tech_ref_and_memo.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/malware-tech_ref_and_memo.md b/malware-tech_ref_and_memo.md
index c05105f..ab152c6 100644
--- a/malware-tech_ref_and_memo.md
+++ b/malware-tech_ref_and_memo.md
@@ -91,6 +91,8 @@ to do...
 - WinDBG等のカーネルモードデバッガでは追跡することができる<br>
 - 名前の由来はVX Heavenに投稿されたから<br>
 - 少なくともtrickbot,locky,emotet等では利用されていた<br>
+- LinuxにおけるHeaven's Gateについて
+  - [Unlocking Heaven's Gate on Linux](https://redcanary.com/blog/heavens-gate-technique-on-linux/)
 **ref:**<br>
 [Knockin’ on Heaven’s Gate – Dynamic Processor Mode Switching(2012-09)](http://rce.co/knockin-on-heavens-gate-dynamic-processor-mode-switching/)<br>
 [The 0x33 Segment Selector (Heavens Gate)](https://www.malwaretech.com/2014/02/the-0x33-segment-selector-heavens-gate.html)<br>