buherator

OK, this is what I figured out so far: 1. `Data/Grunt/GruntBridge/GruntBridge.cs` must be extended to include the relevant `using` directives. I had to recreate my DB after this was done....

Thanks, that's good to know, even better if the limitation is suggested by the UI, like apparently it is in the dev branch. You can close this if you like.

Can't you workaround this problem with some leaked code signing certs? (e.g. https://www.duosecurity.com/static/files/DellCertificates.zip)

@hacksysteam Sounds good! Self-signed might be problematic but registering an internal CA seems like a universal solution.

@hacksysteam Did you manage to create a PoC for this? If I understand correctly this would require patching LoadLibrary() (with a kernel debugger perhaps?), no configuration option is available, right?

Does this mean that not receiving filedelete messages (my current problem) is a known issue? I remember this plugin working like charm.

Can you please check if it works for you? I tried both right click, del from command line and os.unlink() from Python, neither seems to work for me. Debug output:...

I suggest you to take a look at this one: https://github.com/tklengyel/drakvuf/issues/142

Reopening, as this issue came up while developing #29. 1) This statement turned out to be too optimistic: > A special exception is made for the default config (see loadDefaultConfig),...

> exceptions are part of life, and shouldn't break anything I got one of my homeworks rejected *you know where* because of this, so maybe it's just my PTSD triggered...