Category: Antivirus

Antivirus, Debugging, Kernel

Debug user-mode processes using a kernel debugger

When a user-mode process deploys various userland anti-debugging tricks, you can use kernel debugging to attach to the process and debug it more easily.

- Create a Windows 8.1 VMware machine.
- Follow this guide to enable kernel debugging through pipes.
- Run WinDbg as administrator on your host machine.
- Open File->Kernel Debug… (Ctrl+K)
- …