I want you to code a driver that can modify global flag "PspNotifyEnableMask".
This is a 32-bit integer mask that is used to determine what types of callbacks will be called depending on bits set in the lower byte of the mask. Bits 0, 1, and 3 determine if CreateProcess, CreateThread, and LoadImage callbacks are fired. This variable is not protected by PatchGuard and is subject to modification.
I can provide more info and working example of such application (driver) that can modify this flag.
3 freelancers are bidding on average $366 for this job
Hi, please check my previous work, experience and strongly consider my bid. Relevant Skills and Experience Kernel-mode development, DDK/WDK, asm, c, windbg Proposed Milestones $333 USD - Job done