search

Windows / OS Internals

Here are the articles in this section:Configuring Kernel Debugging Environment with kdnet and WinDBG Previewarrow-up-rightCompiling a Simple Kernel Driver, DbgPrint, DbgViewarrow-up-rightLoading Windows Kernel Driver for Debuggingarrow-up-rightSubscribing to Process Creation, Thread Creation and Image Load Notifications from a Kernel Driverarrow-up-rightListing Open Handles and Finding Kernel Object Addressesarrow-up-rightSending Commands From Your Userland Program to Your Kernel Driver using IOCTLWindows Driver Model (WDM)arrow-up-rightWindows Kernel Drivers 101arrow-up-rightx64 Calling Convention: Stack Framearrow-up-rightSystem Service Descriptor Table - SSDTarrow-up-rightInterrupt Descriptor Table - IDTarrow-up-rightToken Abuse for Privilege Escalation in Kernelarrow-up-rightManipulating ActiveProcessLinks to Hide Processes in Userlandarrow-up-rightETW: Event Tracing for Windows 101arrow-up-rightExploring Injected ThreadsA short exploration of injected threads with Get-InjectedThreads.ps1 and WinDBGarrow-up-rightParsing PE File Headers with C++arrow-up-rightInstrumenting Windows APIs with Fridaarrow-up-rightExploring Process Environment BlockExploring a couple of interesting members of the PEB memory structure fieldsarrow-up-rightWriting a Custom Bootloaderarrow-up-right

上一页miscellaneous-reversing-forensics下一页Cloud

最后更新于

这有帮助吗?