.Currently trying to write a windows kernel driver that reads kernel memory and dumps it to a userland application. I've been looking through all the windows driver reference material for the last couple of days looking for a simple way to retrieve process memory maps similar to how its done on the userland side (aka. VirtualQuery), but cant seem to find anything for kernel land development. Anyone have any ideas on how to do this?
thanks.
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}