Windows Kernel Programming 1

via TrainSec

Overview

The course provides the foundations for the most common software device drivers, which are useful not just in cyber security but also in other scenarios where monitoring, and sometimes prevention, of operations is required.

Syllabus

  • Introduction 
    • Introduces the course.
    • Modules 1-7 are part of this course.
    • Modules 8-10 are part of “Windows Kernel Programming 2”.
    • Introduction • 15 mins 
    • Windows Kernel Programming Labs
    • Windows Kernel Programming
    • Code
  • Windows Internals Overview
    • Processes • 38 mins   
    • Virtual Memory • 19 mins 
    • Virtual Memory-2 • 21 mins 
    • Threads • 15 mins 
    • Windows-Architecture • 22 mins 
    • Thread-Priorities • 9 mins 
    • Thread-Scheduling • 19 mins
    • Subsystem-APIs • 10 mins 
    • Native-API • 15 mins 
  • Introduction to WinDbg: Hardware Hacking Expert – Level I – Class 01
    • Introduction-to-WinDbg • 10 mins 
    • Demo-WinDbg-User-Mode • 29 mins
    • Demo-WinDbg-User-Mode-2 • 59 mins 
    • Local-Kernel-Debugging • 9 mins
    • Lab-WinDbg • 23 mins
    • Process-Data-Structures • 32 mins 
    • Manipulating-Kernel-Memory • 7 mins
  • Handles and Objects
    • Objects-And-Handles • 22 mins 
    • More-Kernel-Objects • 14 mins 
  • The I/O System
    • IO-System-Components • 17 mins 
    • Accessing-Objects • 51 mins 
    • NtOpenFile • 22 mins 
    • IO-APIs • 30 mins
    • Kernel-Device-Drivers • 16 mins 
    • Device Driver Basics
    • Driver-Basics • 35 mins 
    • String-And-Memory-APIs • 44 mins 
    • Ex Allocate Pool 2 • 8 mins 
    • Deploying-And-Testing • 18 mins 
    • Registry • 16 mins 
    • Tools-Questions-And-Lab • 30 mins
    • Asserts-and-Traces • 12 mins 
    • Object-Attributes • 21 mins 
    • Driver-and-Devices • 34 mins
  • The Booster Driver
    • Booster-Driver-Client • 12 mins 
    • Booster-Driver-1 • 23 mins
    • Booster-Driver-2 • 59 mins 
    • Booster-Deploy-and-Test • 20 mins
    • Remote-Kernel-Debugging • 37 mins
    • Odds-and-Ends • 10 mins 
    • The I/O Request Packet (IRP)
    • IRP-Introduction • 23 mins
    • Completing-IRP • 7 mins 
    • Referencing-User-Buffers • 37 mins
    • DeviceIoControl-Buffers • 28 mins 
    • Labs-Solutions.mp4 • 1 hr
    • QandA • 6 mins 
    • Interrupts and Exceptions
    • Interrupts-and-IRQLs • 34 mins
    • DPCs • 17 mins 
    • Exceptions • 15 mins 
    • BSOD • 31 mins 
  • Synchronization
    • Thread-Synchronization • 24 mins
    • Mutex • 18 mins 
    • QandA-Driver-Signing • 9 mins
    • Mutex-2 • 9 mins
    • Using-RAII • 19 mins 
    • APCs • 18 mins
    • Fast-Mutex • 8 mins 
    • Semaphore • 11 mins 
    • Events • 13 mins 
    • Executive-Resource • 10 mins
    • Spin-Locks • 29 mins
    • Threads and Timers
    • Threads • 13 mins 
    • Work-Items • 9 mins
    • Timers • 8 mins 
  • Process and Thread Monitoring
    • Process-Monitoring • 39 mins
    • Linked-Lists • 18 mins 
    • Thread-and-Image-Callbacks • 7 mins 
    • Lab-ProcMon • 1 hr 19 mins
    • Lab-ProcMon-2 • 56 mins
    • Object and Registry Notifications
    • Object-Notifications • 22 mins 
    • Registry-Notifications • 14 mins
    • Lab-ProcMon-3 • 48 

Taught by

Pavel Yosifovich
