While analyzing real-world systems, memory analysts will often encounter anti-virus (AV) engines, EDRs, and similar products that, at first glance, look suspiciously like malware. This occurs because these security products leverage the same techniques commonly employed by malware—such as API hooking, system call hooking, and registering callbacks—in order to gain the insight they need to detect
When Anti-Virus Engines Look Like Kernel Rootkits. Retrieved from https://www.truth.cx/2020/05/27/when-anti-virus-engines-look-like-kernel-rootkits/