New Page
Defense Evasion
Useful Links
- Win32 API docs
- NTAPI Undocumented Functions
- Kernel-specific structures (pick the right kernel version / update)
-
DLL download for Unhooking (download URL structure is
https://msdl.microsoft.com/download/symbols/name.dll/{IMAGE_FILE_HEADER.TimeDateStamp}{IMAGE_OPTIONAL_HEADER.SizeOfImage}
)