Login
From:
Opcode
(Uncensored)
subscribe
Anatomy of the thread suspension mechanism in Windows (Windows Internals) – Opcode
https://ntopcode.wordpress.com/2018/01/16/anatomy-of-the-thread-suspension-mechanism-in-windows-windows-internals/
links
backlinks
Tagged with:
windows internals
reversing
threads
processes
windows kernel
ethread
kernel mode
ntoskrnl
ntresumethread
ntsuspendprocess
ntsuspendthread
psresumeprocess
pssuspendprocess
user mode
Roast topics
Find topics
Find it!
Introduction Process suspension is a technique which is quite well-known, and it is used for a variety of reasons (even by malicious software sometimes). The term “suspension” means “stoppin…
