thanks for your excellent work, I learned a lot from it. And I try to use this project to monitor windows kernel memory access.
And I set corresponding ept entry's r/w to false. Every time windows kernel access memory, I set corresponding ept entry's r/w to ture ,and mtf flag. However, the windows always get stuck somewhere. Can you give some suggestion.
thanks for your excellent work, I learned a lot from it. And I try to use this project to monitor windows kernel memory access.
And I set corresponding ept entry's r/w to false. Every time windows kernel access memory, I set corresponding ept entry's r/w to ture ,and mtf flag. However, the windows always get stuck somewhere. Can you give some suggestion.