Detecting KMDs with a single instruction

tl;dr: Just finished an article about detecting a kernel-mode debugger in Windows from userland by using a single instruction.
Portable across all latest Windows versions, both x86/x64 builds.

Read more here.

Enjoy,
kyREcon

Share

Comments are closed.