search

Internals

Configuring Kernel Debugging Environment with kdnet and WinDBG Previewchevron-rightCompiling a Simple Kernel Driver, DbgPrint, DbgViewchevron-rightLoading Windows Kernel Driver for Debuggingchevron-rightSubscribing to Process Creation, Thread Creation and Image Load Notifications from a Kernel Driverchevron-rightListing Open Handles and Finding Kernel Object Addresseschevron-rightSending Commands From Your Userland Program to Your Kernel Driver using IOCTLchevron-rightWindows Kernel Drivers 101chevron-rightWindows x64 Calling Convention: Stack Framechevron-rightLinux x64 Calling Convention: Stack Framechevron-rightSystem Service Descriptor Table - SSDTchevron-rightInterrupt Descriptor Table - IDTchevron-rightToken Abuse for Privilege Escalation in Kernelchevron-rightManipulating ActiveProcessLinks to Hide Processes in Userlandchevron-rightETW: Event Tracing for Windows 101chevron-rightExploring Injected Threadschevron-rightParsing PE File Headers with C++chevron-rightInstrumenting Windows APIs with Fridachevron-rightExploring Process Environment Blockchevron-rightWriting a Custom Bootloaderchevron-right
PreviousPowershell Payload Delivery via DNS using Invoke-PowerCloudNextConfiguring Kernel Debugging Environment with kdnet and WinDBG Preview