
Opening of the course
After this lesson, you will have a kernel development environment on your machine
After this lesson, you will be able to debug your Windows kernel
After this course, you will be able to write your first driver
After this course, you will have some insight into the PE image file
After this course, you will have some insight into driver and kernel objects
After this course, you will have some insight into the Windows Memory Manager
After this course, you will have some insight into Windows thread internals
After this course, you will have some insight into process internals
After this course, you will have some insight into processors, from legacy to modern, and how they work
After this course, you will have some insight into system calls and learn about their internal structure
In this lesson, you're going to learn how to load your driver into the system programmatically, as well as how to communicate with your driver
After this course, you will have some insight into system callbacks and how they work.
In this lesson, you're going to learn a bunch of system callback registrations and a hacky way to register some callbacks that are not permitted by default!
After this course, you will be able to do kernel forensics to detect remote thread injection from the kernel
After this course, you will be able to dump and get the PE image loading path (.DLL / .SYS / .EXE) from the kernel
After this course, you will be able to trace every registry operation in the kernel, as well as intercept, stop, modify, and bypass them.
After this course, you will be able to protect your process with kernel-object-level protection
In this course, you can learn more about the ways of communicating between user mode and kernel mode, for better security engineering
This lesson covers IRP internals and usage, and their security implications, such as driver control interception by IRP hook and IRP hook detection
Summary: after this section, you will be able to set up the driver development environment, debug the Windows kernel, load symbols, write your own first driver, and create your own anti-virus / anti-cheat-like monitor.
This section introduces virtualization techniques for security research purposes
Compile your first hypervisor
After this course, you will be able to understand how a hypervisor works internally
After this course, you will be able to monitor the behavior of your OS / processes with your customized hypervisor
After this course, you will be able to use a hypervisor as your nicest weapon ;)
After this course, you will be able to research nested virtualization, like VMExit / VMEntry virtualization, EPT virtualization, etc.
P.S. If you do have any kind of question during the course, please let me know. Moreover, for student interaction and connecting
Have you ever imagined working at a big IT company like Microsoft, Google or Facebook? Have you ever wanted to be a fine kernel hacker and learn related knowledge and experience from a security researcher? If the answer is YES, don't hesitate to take this course. It will guide you from zero to one into kernel security in the easiest way, I'd say.
Understanding low-level knowledge is a big plus for your career growth. Beyond security folks, understanding it also gives us a better ability to debug our high-level programs. This course will show you how I explore and leverage knowledge of the kernel and the low level in research and development for production.
By attending this course, you will understand what lies behind the scenes of low-level security projects, and how an anti-cheat engine works in general.
You will understand how to start driver development on Windows, whether as a hobby or a career.
You will be able to create your customized anti-cheat engine after this course, from the kernel, virtualization and hardware levels.
Practically, after this course, you will know how to write your own kernel drivers for security, debug the kernel, troubleshoot the Blue Screen, develop an anti-cheat-like kernel-based security solution, and create a kernel-based weapon of your own; it will also enable you to develop a hypervisor-based security solution and create a hypervisor-based security weapon for attack and defense of your own.
This course teaches techniques in general; however, these are usable skills for developing or analyzing anti-cheats, rootkits, or game cheats as well.
This is my first time being a lecturer. I hope you all have a nice journey during this course, and if you have any questions during this course, please let me know :)