Zero Tang

Results 8 issues of Zero Tang

As noted in follow-ups in issue #24, it is confirmed that the system might freeze on some Intel laptops. The i5-6200U and i5-5200U are confirmed to have this issue. The i7-7500U,...

bug

On the page with hook code, you used a byte CC to result in trapping #BP to the VMM. This comes at extra cost from an unnecessary VM-Exit. The hook code can be...

enhancement
question

Use "VM-Entry MSR Load" to hook MSR on VM-Entry, and "VM-Exit MSR Load" to restore MSR on VM-Exit.

I'm working with QEMU. I added `--enable-debug` and `--enable-debug-info` options in configuring the QEMU maker. After `cv2pdb` extracted a PDB file, neither IDA nor WinDbg can obtain debug symbol from...

This function will eagerly initialize the `iced` crate so that `iced` can be used even when memory allocators may become unavailable after their initialization stage. I am not sure if...

Now the WDK allocator can allocate aligned memory according to the layout argument. Note that this allocator won't waste additional space for alignment if the alignment is normal (e.g.: less...

Link to fadec is [here](https://github.com/aengelke/fadec). It says it's faster than capstone and zydis, so it's probably worth a place here.

> Fadec is significantly faster than libopcodes, Capstone, or Zydis...

Just a follow-up of #8 thread. It's been almost three years. Things might have changed a lot. I think the results in README should get updated.