Login
From:
Opcode
(Uncensored)
subscribe
Anatomy of the thread suspension mechanism in Windows (Windows Internals) – Opcode
https://ntopcode.wordpress.com/2018/01/16/anatomy-of-the-thread-suspension-mechanism-in-windows-windows-internals/
links
backlinks
Tagged with:
windows internals
reversing
threads
processes
windows kernel
ethread
kernel mode
ntoskrnl
ntresumethread
ntsuspendprocess
ntsuspendthread
psresumeprocess
pssuspendprocess
user mode
Introduction Process suspension is a technique which is quite well-known, and it is used for a variety of reasons (even by malicious software sometimes). The term “suspension” means “stoppin…
Roast topics
Find topics
Roast it!
Roast topics
Find topics
Find it!
Roast topics
Find topics
Find it!
