Windows Internals Introduction

[0x00] Overview

해당 챕터는 Windows 내부에 대한 연구 및 분석 내용입니다.

[0x01] KPP

  1. Kernel Patch Protection(PatchGuard)
  2. PatchGuard Analysis Tips
    1. PatchGuard Initialize Debugging
    2. PatchGuard Dump Analysis
  3. PatchGuard Initialize(1)
  4. PatchGuard Initialize(2)

[0x02] Piece Of Windows

  1. Memory Descriptor List
  2. Find Hidden Process
  3. Handle Table&Object
  4. I/O Request Packet
    1. I/O Request Packet
    2. I/O Control Code
    3. I/O Transfer Example
  5. Debugging Process
Tags: Windows Reversing Vulnerability Kernel