Learn how to set up a development testing environment for writing Windows kernel-mode drivers using Hyper-V, WinDbg, and Visual Studio. Cover the basic anatomy of a driver, from loading and unloading to I/O control codes, interaction from userland, and kernel debugging. Implement various abuse primitives including removing process protection, disabling kernel callback routines and driver signature enforcement.

Course Curriculum

  1. 2
    • Introduction

    • Unprotecting Processes

    • Protecting Processes

    • Windows Version Check

  2. 3
    • Introduction

    • Token Privileges Structure

    • Enabling Token Privileges

  3. 4
    • Introduction

    • PspCreateProcessNotifyRoutine Array

    • Getting Module Information

    • Returning Data to the Client

    • Removing a Callback Routine

    • Thread & Image Load Notifications

FAQ

  • What hardware or software is required?

    A physical Windows host and another virtual Windows host running inside Hyper-V.

  • How much C++ do I need to know?

    Foundational knowledge would be useful, but not absolutely essential.

Student Reviews

4 star rating

good

Israel Enriquez

I think it is great you develop this type of content

5 star rating

Awesome Content

Daniel Feichter

Awesome and very detailed driver dev. content
