CtrlK

Internals

Configuring Kernel Debugging Environment with kdnet and WinDBG Preview Compiling a Simple Kernel Driver, DbgPrint, DbgView Loading Windows Kernel Driver for Debugging Subscribing to Process Creation, Thread Creation and Image Load Notifications from a Kernel Driver Listing Open Handles and Finding Kernel Object Addresses Sending Commands From Your Userland Program to Your Kernel Driver using IOCTL Windows Kernel Drivers 101 Windows x64 Calling Convention: Stack Frame Linux x64 Calling Convention: Stack Frame System Service Descriptor Table - SSDT Interrupt Descriptor Table - IDT Token Abuse for Privilege Escalation in Kernel Manipulating ActiveProcessLinks to Hide Processes in Userland ETW: Event Tracing for Windows 101 Exploring Injected Threads Parsing PE File Headers with C++Instrumenting Windows APIs with Frida Exploring Process Environment Block Writing a Custom Bootloader

PreviousPowershell Payload Delivery via DNS using Invoke-PowerCloud NextConfiguring Kernel Debugging Environment with kdnet and WinDBG Preview