ScorpioSoftware course: Advance Windows Kernel Programming

The cyber security industry has grown considerably in recent years, with more sophisticated attacks and consequently more defenders. To have a fighting chance against these kinds of attacks, kernel-mode drivers must be employed, where nothing (at least nothing from user mode) can escape their eyes. The course provides the foundations for the most common software device drivers that are useful not just in cyber security, but also in other scenarios where monitoring and sometimes prevention of operations is required. Participants will write real device drivers with useful features that can then be modified and adapted to their particular needs. The course includes tips and techniques employed by the instructor in their own projects, based on years of experience.

Syllabus

Windows Internals quick overview

The I/O System

Device Drivers Basics

The I/O Request Packet

Kernel mechanisms

Programming Techniques

Process and thread monitoring

Object and Registry notifications

File system mini filters

Windows Filtering Platform

Programming Techniques II

Introduction to KMDF
