Syscall-Monitor icon indicating copy to clipboard operation
Syscall-Monitor copied to clipboard

verified publisher icon hzqst

Metadata

Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+

Results 5 Syscall-Monitor issues
Sort by recently updated
recently updated
newest added

Contact

We like Syscall-Monitor a lot and have some private questions, could you contact us via [email protected]?

joesecurity avatar joesecurity

adding support for WBEM dlls?

Hi, Can we add support for dlls in C:\Windows\SysWOW64\wbem\*.dll? These dlls don't seemingly invoke functions in kernel32.dll If you follow the example here where it prints out the process list,...

gjlnitlantylh avatar gjlnitlantylh

Is there any usermode component?

Hi, Is there any usermode component to the syscall monitoring or is it all relying on DdiMon/ring0 tricks? I am wondering if this would be a good reference for something...

sb0sse avatar sb0sse

enable vtx

2 comment

hi, there is any way to enable vtx in runtime without going to bios?

chico-depressive avatar chico-depressive

Recording callstacks consumes too much memory

The memory consumption went 25 ~ 30MB per 50000 events when commented `CallStack(ba);` in `bool CMonitorWorker::ParseMessage(PUCHAR data)`, while it went 50 ~ 60MB per 50000 events when CallStack is recorded....

hzqst avatar hzqst

Metadata

642
Stars
205
Forks
Watchers

Owner

verified publisher icon hzqst

Metadata

Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+

Back