A POC for monitoring Tb. This code is not neat, it's just a POC.
Hijack HalIommuDispatch + 0x48
KeFlushSingleTb
-> ExFlushTb
KeFlushTb
-> ExFlushTb
- Visual Studio 2022 & WDK11
- llvm-msvc [link]
A POC for monitoring Tb. This code is not neat, it's just a POC.
Hijack HalIommuDispatch + 0x48
KeFlushSingleTb
-> ExFlushTb
KeFlushTb
-> ExFlushTb