Configuring Kernel Debugging Environment with kdnet and WinDBG Preview
Compiling a Simple Kernel Driver, DbgPrint, DbgView
Loading Windows Kernel Driver for Debugging
Subscribing to Process Creation, Thread Creation and Image Load Notifications from a Kernel Driver
Listing Open Handles and Finding Kernel Object Addresses
Sending Commands From Your Userland Program to Your Kernel Driver using IOCTL
Windows Kernel Drivers 101
Windows x64 Calling Convention: Stack Frame
Linux x64 Calling Convention: Stack Frame
System Service Descriptor Table - SSDT
Interrupt Descriptor Table - IDT
Token Abuse for Privilege Escalation in Kernel
Manipulating ActiveProcessLinks to Hide Processes in Userland
ETW: Event Tracing for Windows 101
Exploring Injected Threads
Parsing PE File Headers with C++
Instrumenting Windows APIs with Frida
Exploring Process Environment Block
Writing a Custom Bootloader
Last updated 1 month ago
