Windows Kernel Debugging: Processes

How do you debug the structures that store information about a process in the Windows operating system? This article answers that question. You will also be introduced to methods of manipulating a process. Finally, a method of making an existing process resemble a running instance of another program will be presented, using the notepad process and OneDrive.exe as an example. Prepare tea or coffee and feel free to read!

Aug 7 2020
Tags: windows, kernel debugging, process, forensics, malware, rootkit

Windows Kernel Debugging: Crash dump

What do you do when you see the Blue Screen of Death yet again? Microsoft's statistics indicate that at least 70% of blue screen instances are caused by incorrectly implemented drivers. Unfortunately, implementing an operating system kernel module flawlessly is a difficult task that carries real responsibility. If you have ever wanted to look under the hood of the Windows operating system, identify a problematic driver, or look for a rootkit hiding in kernel space, I invite you to read the article.

Jul 14 2020
Tags: windows, kernel debugging, crash dump, forensics, malware, rootkit

Windows Kernel Debugging: Basics

Perhaps you have wondered whether it is possible, and whether it is worthwhile, to debug not a single program but everything running under the control of the operating system? If the answer is 'yes', or I have just aroused your curiosity, make yourself a coffee or tea and read the paper that I have prepared for you.

Jun 25 2020
Tags: windows, kernel debugging