From 1bdb4a28521438ba9b126665459930fa912181d3 Mon Sep 17 00:00:00 2001 From: Huoji's Date: Wed, 11 May 2022 15:53:10 +0800 Subject: [PATCH] Create README.md --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..04f6be8 --- /dev/null +++ b/README.md @@ -0,0 +1,8 @@ +# Etw-Syscall + +捕获syscall调用就如同用windows defender的接口一样 + +具体流程 +https://key08.com/index.php/2021/10/19/1375.html + +代码不好看 因为是临时试验
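Review bot: The "具体流程" (detailed procedure) section of the new README.md consists only of the external link `https://key08.com/index.php/2021/10/19/1375.html`, so the repository does not document how the capture works and the explanation is lost if that page moves. Summarize the procedure in the README itself and keep the link as a reference. The one-line description ("捕获syscall调用就如同用windows defender的接口一样", roughly "capture syscall calls just as you would through the Windows Defender interface") does not say which interface is meant, what is needed to build or run the code, or what output to expect. A short section for each would make the project usable without the blog post. The closing line ("代码不好看 因为是临时试验", "the code is not pretty because this is a temporary experiment") would be more useful as an explicit status note listing what is known not to work. An English translation alongside the Chinese text would also help readers who arrive from the English project name.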