ReadWriteDriver

Question regarding detectability

Open • zaryar opened this issue 2 years ago • 1 comment

I've been active in the cheating scene for a while now, but this would be my introduction to kernel-level cheating. I've already done some research; data pointer hooked functions are mostly detected in the assembly code. Are there any other detection vectors I need to look out for?

zaryar, Sep 26 '23 11:09

A well-hidden data ptr that isn't part of some common table is probably safe. One problem can be stack walking. NMIs can be used to stackwalk, for example. Leaving executable memory mapped is also not great.

Ch40zz, Sep 29 '23 17:09