PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook. Tested on Windows 11 (22H2)
- Add function to remove hook from callback
- Use PsLoadedModuleList instead of DriverObject->DriverSection
-
Notifications
You must be signed in to change notification settings - Fork 4
PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook
License
senko37/createprocessnotify-hook
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook