The cyber security industry has grown considerably in recent years, with more sophisticated attacks and consequently more defenders. To have a fighting chance against these kinds of attacks, kernel mode drivers must be employed, where nothing (at least nothing from user mode) can escape their eyes. The course provides the foundations for the most common software device drivers that are useful not just in cyber security, but also other scenarios, where monitoring and sometimes prevention of operations is required. Participants will write real device drivers with useful features that can then be modified and adapted to their particular needs.The course includes tips and techniques employed by the instructor in their own projects, based on years of experience.
Syllabus
Windows Internals quick overview
The I/O System
Device Drivers Basics
The I/O Request Packet
Kernel mechanisms
Programming Techniques
Process and thread monitoring
Object and Registry notifications
File system mini filters
Windows Filtering Platform
Programming Techniques II
Introduction to KMDF
ScorpioSoftware: Advance Windows Kernel Programming
نظرات کاربران
Comments: 0