|
|
@ -95,6 +95,6 @@ BEDaisy checks the IRP's of every single loaded driver. Below is the checks done
|
|
|
|
|
|
|
|
|
|
|
|
# Imports
|
|
|
|
# Imports
|
|
|
|
|
|
|
|
|
|
|
|
All of import addresses are stored in the `.data` section of the driver and can easily be changed to hook imported functions.
|
|
|
|
All import addresses are stored in the `.data` section of the driver and can easily be changed to hook imported functions.
|
|
|
|
|
|
|
|
|
|
|
|
<img src="https://imgur.com/hafZdDd.png"/>
|
|
|
|
<img src="https://imgur.com/hafZdDd.png"/>
|