The Windows OS is the most used OS in the world. As such, it’s a popular platform for applications and services, and unfortunately also a target for malicious actors. This path deepens your understanding of the inner workings of Windows, so you can tackle almost any project, such as security research, performance optimization, debugging, and more. The path focuses on Windows Internals and related topics, such as the x64 processor, the most commonly used CPU type on Windows platforms today.
Overview
Syllabus
- Windows Internals: Day 1
- This course provides the fundamental knowledge of Windows concepts and architecture, including processes, threads, virtual memory, system calls, DLLs, handles and objects. This serves as a foundation for the following courses, which focus on programming.
- Windows Internals: Day 2
- This course continues where Day 1 left off, digging deeper into processes – process creation and destruction, types of processes and more. Job objects are also described, including their extension, Silos, which is the basis of the Windows container implementation. Finally, threads are discussed, including scheduling and management.
- Windows Internals: Day 3
- This course deals with various kernel mechanisms, ranging from interrupts and exceptions, through thread synchronization, NT global flags and Event Tracing for Windows, to Wow64.
- Windows Internals: Day 4
- This course deals with memory management, from process virtual memory page states and protection, to virtual address translation performed by the CPU, to the various user-mode and kernel-mode APIs as they relate to memory.
- Windows Internals: Day 5
- The last “day” in the Windows Internals series deals with two topics. The I/O system is described, including the use of device drivers and their integration into the system as a whole. Then many security mechanisms are discussed, from access tokens and security descriptors to access checks and integrity levels, among others.
- x64 Architecture and Programming (Part 1)
- This course teaches the basics of the x86/x64 assembly language from the ground up. It focuses on integrating assembly into C/C++ applications, but also shows how to write stand-alone applications in assembly only.
- x64 Architecture and Programming (Part 2)
- Picking up where Part 1 left off, this course dives into the architecture of modern x64 processors, describing their modes of operation with a focus on those used by modern operating systems like Windows, and covering the processor mechanisms Windows relies on, such as system calls, interrupts and more.
- Mastering WinDbg
- This course dives into the WinDbg debugger and how to use it effectively for user-mode and kernel-mode debugging, as well as for analyzing kernel-mode dump files.
- Sysinternals Tools Deep Dive (Part 1)
- The Sysinternals tools are free, powerful tools that provide deep insight into Windows. This course dives deeper into the following tools, while discussing related Windows Internals details: Process Explorer, WinObj, DebugView, VMMap, CPU Stress, Not My Fault, and LiveKd.
Taught by
Pavel Yosifovich