Virtual Secure Mode Internals in Hyper-V - Part 1
Introduction to Virtual Processor State
Before getting into Virtual Secure Mode, we first need to understand what Virtual Processor state is. Virtual Processor state is a structure that’s availab...
In recent years, Virtualization Based Security has become a major defensive player in the world of low-level binary exploitation, and has made it much harder for vulnerability researchers to create a ful...
Hello everyone, in this article we’ll go through the process of reverse engineering and exploiting an old and vulnerable Gigabyte driver. I’ll demonstrate 2 ways of performing a “Token Stealing” to...
Hello everyone, in this article I’m going to go over the basics of Driver Development and explain in theory and in practice the basic components required to build a basic driver. We’re also going t...
Understanding Threads and CPU Scheduling
In this article, we’ll explore what a thread is, its components, how threads relate to the CPU, and how they are scheduled when running on CPU cores. Wh...
Hello everyone, I’ve decided to start a series of Windows Internals articles which, at the beginning, will not directly relate to security. After covering some important Windows Internals topics, ...
Hello everyone, this article is the continuation of part 1 and will mainly focus on the practical aspect of what we talked about in the previous part. For this article, I created a C++ pro...
Intro to Syscalls & Windows internals for malware development Pt.1
Hello Everyone, over the years I’ve written many articles/summaries that for some reason I kept to myself and didn’t think to...