Nanga: Process Telemetry from the Syscall Layer
May 26, 2026 · 15 min read
A kernel-driver approach to malware dynamic analysis that captures process telemetry below user-mode evasion, at the syscall layer.
malware-analysis, windows-internals, kernel, security-research, dynamic-analysis, ssdt, rootkit, reverse-engineering