Hidden Processes

Related to DKOM, using _EPROCESS (Windows) and task_struct (Linux)

Resources

• https://www.blackhat.com/presentations/win-usa-04/bh-win-04-butler.pdf (How to hide processes)