Hooking Windows events without knowing anything about C/C++

https://blog.huntingmalware.com/notes/WMI

When people think about hooking Microsoft Windows events, they usually think of rootkits, low-level C++ code, and Windows API calls. There is another way to achieve similar results using only pre-installed Windows tools, without knowing anything about Windows internals: WMI.

From the Microsoft Developer Network (MSDN):

WMI (Windows Management Instrumentation) is the infrastructure for management data and operations on Windows-based operating systems. You can write WMI scripts or applications to automate administrative tasks 
