Internals
Configuring Kernel Debugging Environment with kdnet and WinDBG Preview
Compiling a Simple Kernel Driver, DbgPrint, DbgView
Loading Windows Kernel Driver for Debugging
Subscribing to Process Creation, Thread Creation and Image Load Notifications from a Kernel Driver
Listing Open Handles and Finding Kernel Object Addresses
Sending Commands From Your Userland Program to Your Kernel Driver using IOCTL
Windows Kernel Drivers 101
Windows x64 Calling Convention: Stack Frame
Linux x64 Calling Convention: Stack Frame
System Service Descriptor Table - SSDT
Interrupt Descriptor Table - IDT
Token Abuse for Privilege Escalation in Kernel
Manipulating ActiveProcessLinks to Hide Processes in Userland
ETW: Event Tracing for Windows 101
Exploring Injected Threads
Parsing PE File Headers with C++
Instrumenting Windows APIs with Frida
Exploring Process Environment Block
Writing a Custom Bootloader