GitHub - m417z/x64dbg-xfg-marker: An x64dbg plugin which marks XFG call signatures as data
An x64dbg plugin which marks XFG call signatures as data - m417z/x64dbg-xfg-marker
Leveraging XFG to help with reverse engineering
m417z.comMicrosoft eXtended Flow Guard (XFG) is a control-flow integrity (CFI) technique that extends CFG with function call signatures. It was presented by Microsoft in 2019, and it’s an interesting mitigation, but this blog post isn’t going to discuss its security implications. Instead, I’m going to show how XFG can be used to help with reverse engineering.