Windows kernel provider with DLL load

Hi guys,
do you know where I could get DLL loaded events?
I was looking for these DLLs: crypt32.dll, advapi32.dll, kernel32.dll from the Event Viewer,
I noticed a researcher did manage to get these events (Figure from page n.38):
https://scholar.dsu.edu/theses/427/

It should be the Kernel-IO provider, but I didn't find anything. I've compared the ProviderGuid with the one from the Image.
I can't get in touch with the researcher (no email found).
Any help would be really appreciated.

Posted
1 year ago