diff --git a/src/demon/win32/demon_core_win32.c b/src/demon/win32/demon_core_win32.c
index e3305ca2..a1a023e2 100644
--- a/src/demon/win32/demon_core_win32.c
+++ b/src/demon/win32/demon_core_win32.c
@@ -690,7 +690,7 @@ dmn_w32_thread_read_reg_block(Arch arch, HANDLE thread, void *reg_block)
 //- rjf: unpack info about available features
 U32 feature_mask = GetEnabledXStateFeatures();
- B32 xstate_enabled = (feature_mask & (XSTATE_MASK_AVX | XSTATE_MASK_AVX512)) != 0;
+ B32 xstate_enabled = (feature_mask & (XSTATE_MASK_AVX | XSTATE_MASK_AVX512 | XSTATE_MASK_CET_U)) != 0;
 //- rjf: set up context
 CONTEXT *ctx = 0;
@@ -709,7 +709,7 @@ dmn_w32_thread_read_reg_block(Arch arch, HANDLE thread, void *reg_block)
 //- rjf: unpack features available on this context
 if (xstate_enabled)
 {
- SetXStateFeaturesMask(ctx, XSTATE_MASK_AVX | XSTATE_MASK_AVX512);
+ SetXStateFeaturesMask(ctx, XSTATE_MASK_AVX | XSTATE_MASK_AVX512 | XSTATE_MASK_CET_U);
 }
 //- rjf: get thread context
@@ -866,6 +866,18 @@ dmn_w32_thread_read_reg_block(Arch arch, HANDLE thread, void *reg_block)
 MemoryZero(zmm_d, sizeof(*zmm_d));
 }
 }
+
+ // CET / Shadow Stack
+ if(xstate_mask & XSTATE_MASK_CET_U)
+ {
+ DWORD cet_length = 0;
+ XSAVE_CET_U_FORMAT *cet = LocateXStateFeature(ctx, XSTATE_CET_U, &cet_length);
+ if (cet_length == sizeof(*cet))
+ {
+ dst->cetmsr.u64 = cet->Ia32CetUMsr;
+ dst->cetssp.u64 = cet->Ia32Pl3SspMsr;
+ }
+ }
 scratch_end(scratch);
 }break;
diff --git a/src/lib_rdi/rdi.h b/src/lib_rdi/rdi.h
index 5692f306..550a26b9 100644
--- a/src/lib_rdi/rdi.h
+++ b/src/lib_rdi/rdi.h
@@ -293,6 +293,8 @@ RDI_RegCodeX64_fds = 97,
 RDI_RegCodeX64_fip = 98,
 RDI_RegCodeX64_fdp = 99,
 RDI_RegCodeX64_mxcsr_mask = 100,
+RDI_RegCodeX64_cetmsr = 101,
+RDI_RegCodeX64_cetssp = 102,
 } RDI_RegCodeX64Enum;
 typedef RDI_U32 RDI_BinarySectionFlags;
@@ -765,6 +767,8 @@ X(fds, 97)\
 X(fip, 98)\
 X(fdp, 99)\
 X(mxcsr_mask, 100)\
+X(cetmsr, 101)\
+X(cetssp, 102)\
 #define RDI_TopLevelInfo_XList \
 X(RDI_Arch, arch)\
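Review bot: The CET_U bit is added to the enable test in this hunk and to the SetXStateFeaturesMask request in the hunk at -709 without intersecting the request with feature_mask, so the context asks for AVX, AVX512 and CET_U whenever any one of them is reported enabled, and the return value of SetXStateFeaturesMask is still unchecked. Passing `feature_mask & (XSTATE_MASK_AVX | XSTATE_MASK_AVX512 | XSTATE_MASK_CET_U)` to SetXStateFeaturesMask keeps the request within what GetEnabledXStateFeatures reported and leaves the later xstate_mask test as the single source of truth; whether the OS tolerates unsupported bits in the request is not visible here, so this is a tightening rather than a known failure. XSTATE_MASK_CET_U, XSTATE_CET_U and XSAVE_CET_U_FORMAT appear to come from newer Windows SDK headers than the AVX names; if older SDKs are still supported, a comment naming the minimum SDK or a guarded fallback define next to the mask would help. dmn_w32_thread_read_reg_block starts and ends outside the hunk.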
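Review bot: The guard `if (cet_length == sizeof(*cet))` in the CET block does not test the pointer LocateXStateFeature returns; it only works because cet_length is initialised to 0 and is presumed untouched when the feature is absent and NULL comes back, which nothing in the hunk establishes. Checking the pointer too, `if (cet != 0 && cet_length == sizeof(*cet))`, makes the two dereferences that follow safe regardless of how the length out-parameter is treated on failure. The comment `// CET / Shadow Stack` could follow the file's `//- rjf:` style and say what is captured, e.g. `//- rjf: CET user-mode state: IA32_U_CET -> cetmsr, IA32_PL3_SSP -> cetssp`, and the block mixes `if(` with `if (`. dmn_w32_thread_read_reg_block continues outside the hunk on both sides, and xstate_mask is assigned outside it.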
diff --git a/src/rdi/rdi.mdesk b/src/rdi/rdi.mdesk
index 7dcd4eb0..49a22dc9 100644
--- a/src/rdi/rdi.mdesk
+++ b/src/rdi/rdi.mdesk
@@ -438,6 +438,8 @@ RDI_RegCodeX64Table:
 {fip 98}
 {fdp 99}
 {mxcsr_mask 100}
+ {cetmsr 101}
+ {cetssp 102}
 }
 @enum(RDI_U32) RDI_Arch:
diff --git a/src/regs/generated/regs.meta.c b/src/regs/generated/regs.meta.c
index 61b2632f..fab1e6c9 100644
--- a/src/regs/generated/regs.meta.c
+++ b/src/regs/generated/regs.meta.c
@@ -103,7 +103,7 @@ case Arch_x86:{result = regs_g_alias_code_x86_usage_kind_table;}break; return result; } C_LINKAGE_BEGIN -REGS_UsageKind regs_g_reg_code_x64_usage_kind_table[101] = +REGS_UsageKind regs_g_reg_code_x64_usage_kind_table[103] = { REGS_UsageKind_Normal, REGS_UsageKind_Normal,
@@ -206,6 +206,8 @@ REGS_UsageKind_Normal, REGS_UsageKind_Normal, REGS_UsageKind_Normal, REGS_UsageKind_Normal, +REGS_UsageKind_Normal, +REGS_UsageKind_Normal, }; REGS_UsageKind regs_g_alias_code_x64_usage_kind_table[96] =
@@ -308,7 +310,7 @@ REGS_UsageKind_Normal, REGS_UsageKind_Normal, }; -String8 regs_g_reg_code_x64_string_table[101] = +String8 regs_g_reg_code_x64_string_table[103] = { str8_lit_comp(""), str8_lit_comp("rax"),
@@ -411,6 +413,8 @@ str8_lit_comp("k4"), str8_lit_comp("k5"), str8_lit_comp("k6"), str8_lit_comp("k7"), +str8_lit_comp("cetmsr"), +str8_lit_comp("cetssp"), }; String8 regs_g_alias_code_x64_string_table[96] =
@@ -513,7 +517,7 @@ str8_lit_comp("mm6"), str8_lit_comp("mm7"), }; -REGS_Rng regs_g_reg_code_x64_rng_table[101] = +REGS_Rng regs_g_reg_code_x64_rng_table[103] = { {0}, {(U16)OffsetOf(REGS_RegBlockX64, rax), 8},
@@ -616,6 +620,8 @@ REGS_Rng regs_g_reg_code_x64_rng_table[101] = {(U16)OffsetOf(REGS_RegBlockX64, k5), 8}, {(U16)OffsetOf(REGS_RegBlockX64, k6), 8}, {(U16)OffsetOf(REGS_RegBlockX64, k7), 8}, +{(U16)OffsetOf(REGS_RegBlockX64, cetmsr), 8}, +{(U16)OffsetOf(REGS_RegBlockX64, cetssp), 8}, }; REGS_Slice regs_g_alias_code_x64_slice_table[96] =
diff --git a/src/regs/generated/regs.meta.h b/src/regs/generated/regs.meta.h
index 4adc08d4..1f1316dc 100644
--- a/src/regs/generated/regs.meta.h
+++ b/src/regs/generated/regs.meta.h
@@ -109,6 +109,8 @@ REGS_RegCodeX64_k4, REGS_RegCodeX64_k5, REGS_RegCodeX64_k6, REGS_RegCodeX64_k7, +REGS_RegCodeX64_cetmsr, +REGS_RegCodeX64_cetssp, REGS_RegCodeX64_COUNT, } REGS_RegCodeX64;
@@ -423,6 +425,8 @@ REGS_Reg64 k4; REGS_Reg64 k5; REGS_Reg64 k6; REGS_Reg64 k7; +REGS_Reg64 cetmsr; +REGS_Reg64 cetssp; }; typedef struct REGS_RegBlockX86 REGS_RegBlockX86;
@@ -491,11 +495,11 @@ REGS_Reg256 ymm7; }; C_LINKAGE_BEGIN -extern REGS_UsageKind regs_g_reg_code_x64_usage_kind_table[101]; +extern REGS_UsageKind regs_g_reg_code_x64_usage_kind_table[103]; extern REGS_UsageKind regs_g_alias_code_x64_usage_kind_table[96]; -extern String8 regs_g_reg_code_x64_string_table[101]; +extern String8 regs_g_reg_code_x64_string_table[103]; extern String8 regs_g_alias_code_x64_string_table[96]; -extern REGS_Rng regs_g_reg_code_x64_rng_table[101]; +extern REGS_Rng regs_g_reg_code_x64_rng_table[103]; extern REGS_Slice regs_g_alias_code_x64_slice_table[96]; extern REGS_UsageKind regs_g_reg_code_x86_usage_kind_table[61]; extern REGS_UsageKind regs_g_alias_code_x86_usage_kind_table[36];
diff --git a/src/regs/rdi/generated/regs_rdi.meta.c b/src/regs/rdi/generated/regs_rdi.meta.c
index de284856..686b8049 100644
--- a/src/regs/rdi/generated/regs_rdi.meta.c
+++ b/src/regs/rdi/generated/regs_rdi.meta.c
@@ -114,6 +114,8 @@ case REGS_RegCodeX64_k4:{result = RDI_RegCodeX64_k4;}break; case REGS_RegCodeX64_k5:{result = RDI_RegCodeX64_k5;}break; case REGS_RegCodeX64_k6:{result = RDI_RegCodeX64_k6;}break; case REGS_RegCodeX64_k7:{result = RDI_RegCodeX64_k7;}break; +case REGS_RegCodeX64_cetmsr:{result = RDI_RegCodeX64_cetmsr;}break; +case REGS_RegCodeX64_cetssp:{result = RDI_RegCodeX64_cetssp;}break; } }break; case Arch_x86:
@@ -297,6 +299,8 @@ case RDI_RegCodeX64_k4:{result = REGS_RegCodeX64_k4;}break; case RDI_RegCodeX64_k5:{result = REGS_RegCodeX64_k5;}break; case RDI_RegCodeX64_k6:{result = REGS_RegCodeX64_k6;}break; case RDI_RegCodeX64_k7:{result = REGS_RegCodeX64_k7;}break; +case RDI_RegCodeX64_cetmsr:{result = REGS_RegCodeX64_cetmsr;}break; +case RDI_RegCodeX64_cetssp:{result = REGS_RegCodeX64_cetssp;}break; } }break; case Arch_x86:
diff --git a/src/regs/regs.mdesk b/src/regs/regs.mdesk
index 56076b33..25d35691 100644
--- a/src/regs/regs.mdesk
+++ b/src/regs/regs.mdesk
@@ -107,6 +107,8 @@ REGS_RegTableX64:
 {k5 64 Normal}
 {k6 64 Normal}
 {k7 64 Normal}
+ {cetmsr 64 Normal}
+ {cetssp 64 Normal}
 }
 @table(name base off size usage)