A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level security.

Overview

WinKernel-Resources

A list of excellent resources for anyone trying to deepen their understanding with regards to Windows Kernel Exploitation and general low level security.

Some resources, links, books, and papers related to mostly Windows Internals and anything Windows kernel related really.

Important Info

Must watch

Windows Rootkits

Talks / video recordings

Articles / papers

Windows kernel mitigations

Talks / video recordings

Articles / papers

General mitigation papers

kASLR

SMEP

CET

Windows kernel shellcode

Articles / papers

Windows kernel exploitation

Talks / video recordings

Articles / papers

Windows kernel GDI exploitation

Talks / video recordings

Articles / papers

Windows kernel Win32k.sys research

Talks / video recordings

Articles / papers

Windows Kernel logic bugs

Talks / video recordings

Articles / papers

Windows kernel driver development

Talks / video recordings

Articles / papers

Windows Internals

Talks / video recordings

Articles / papers

Advanced Windows debugging

Talks / video recordings

Articles / papers

0days - APT advanced malware research

Talks / video recordings

Malware Samples

As far as advanced malware research is concerned i thought it fitting to include a sub-catagory here dedicated to publically available Malware. Rootkits, Bootkits and related low level security and development items to be exact, not just for windows but other platforms as well. Find the list below.

Rootkits
Bootkits

Articles / papers

Video game cheating (kernel mode stuff sometimes)

Talks / video recordings

Articles / papers

Hyper-V and VM / sandbox escape

Talks / video recordings

Articles / papers

Fuzzing

Talks / video recordings

Articles / papers

Windows browser exploitation

Talks / video recordings


Interesting Books

  • Windows Internals, Part 1 (Pavel Yosifovich, and some others)
  • Windows 10 System Programming, Part 1 (Pavel Yosifovich)
  • Windows 10 System Programming, Part 2 (Pavel Yosifovich)
  • Windows Kernel Programming (Pavel Yosifovich)
  • Rootkits: Subverting the Windows Kernel
  • The Rootkit Arsenal
  • Intel® 64 and IA-32 Architectures Software Developer Manuals

Related certifications and courses

Courses

  • Advanced Windows Exploitation (AWE)
  • Sans 660
  • Sans 760
  • Corelan "Bootcamp" training
  • Corelan "Advanced" training

Certifications

  • Offensive Security Exploitation Expert (OSEE)
  • Giac GXPN
You might also like...
CS:APP is an excellent material for learning computer systems and systems programming

CS:APP is an excellent material for learning computer systems and systems programming. However, it is inconvenient to use a virtual machine for self-learners. In this repo, I build a Docker image with most pre-requistes installed and attached all lab materials in it.

Violent Fungus is a command and control (C2) software suite, providing red teams post-exploitation persistence and other juicy stuff.

Violent Fungus is a command and control (C2) software suite, providing red teams post-exploitation persistence and other juicy stuff.

CC2500 Low-Cost Low-Power 2.4 GHz RF Transceiver driver for esp-idf
CC2500 Low-Cost Low-Power 2.4 GHz RF Transceiver driver for esp-idf

esp-idf-cc2500 CC2500 Low-Cost Low-Power 2.4 GHz RF Transceiver driver for esp-idf. I ported from this. 2.00mm pitch External Antena 1.27mm pitch PCB

Zig bindings for the excellent CRoaring library

Zig-Roaring This library implements Zig bindings for the CRoaring library. Naming Any C function that begins with roaring_bitmap_ is a method of the B

This Repo would take notes for some OCW courses which I consider it is excellent.

Excellent OCW This Repo would take notes for some OCW courses which I consider it is excellent. Course Code HomePage Assignment&Note [Done] MIT 6.S096

 	Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as
Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors".

COBALT STRIKE 4.4 Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to exe

OverRide - Binary Exploitation and Reverse-Engineering (from assembly into C)
OverRide - Binary Exploitation and Reverse-Engineering (from assembly into C)

OverRide Explore disassembly, binary exploitation & reverse-engineering through 10 little challenges. In the folder for each level you will find: flag

S2-LP driver library, low-level and easy-to-port

S2-LP Library This library provides a simple way to use S2-LP transciever module. This library is WIP, but mostly done. https://www.st.com/en/wireless

Owner
Vector Security
Cyber Security Practitioner and Developer. Passionate about Open Source Software. Intel & Security Automation, Malware R&D, InfoSec Awareness and Education.
Vector Security
A water tank level sensor **Built With WisBlock** to detect overflow and low level conditions.

RAK12014 Laser TOF sensor coming soon WisBlock Watertank Level Sensor Watertank Overflow detection using the RAKwireless WisBlock modules. It implemen

Bernd Giesecke 3 Feb 3, 2022
High-level interface for low-level programming

Singeli Singeli is now able to compile useful programs to C, but it's very rough around the edges, with poor error reporting. We are beginning to use

Marshall Lochbaum 31 Aug 26, 2022
32Kb, small memory footprint, single binary that run list of commands in parallel and waits for their termination

await 32K, small memory footprint, single binary that run list of commands in parallel and waits for their termination documentation linux install cur

Slava 54 Aug 4, 2022
Plot airfield from a file containing the list of airfield of Germany and their position (latitude/longitude)

Plot aerodromes from a file containing the list of aerodromes of Germany and their position (latitude/longitude)

Nanfack Steve Ulrich 2 Feb 6, 2022
A low level Operating System designed using Linux Kernel

Conqueror A low level Operating System designed using Linux Kernel To develop the basic low level operating system, we need following Virtual Machine

mahendra gandham 8 May 27, 2022
This project helps a person park their car in their garage in the same place every time.

garage-parking-sensor Description This project is developed to help a person park their car in their garage in the same place every time. Normally peo

Calvin Pereira 1 Aug 18, 2022
Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions

Table of Contents Table of Contents Introduction Named-Pipes Introduction Exploitation Spraying the non-paged pool Memory Disclosure/Arbitrary Read Co

null 136 Sep 10, 2022
This Repository Aims To Help Beginners with their first successful pull request and Know How to do open source contributions Also For Intermediate and Advance level contributors as well.

Hacktoberfest_2021 This Repository Aims To Help Beginners with their first successful pull request and Know How to do open source contributions Also F

Rishu Rajan 15 Jan 9, 2022
This repository is for everyone for Hacktoberfest 2021. Anyone can contribute anything for your Swags (T- Shirt), must be relevant that can add some value to this repository.

Hacktober Fest 2021 For Everyone! Upload Projects or Different Types of Programs in any Language Use this project to make your first contribution to a

Mahesh Jain 16 Dec 21, 2021
Avian is an experimental digital currency that enables instant payments to anyone, anywhere in the world.

Avian Network [AVN] What is Avian? Avian is an experimental digital currency that enables instant payments to anyone, anywhere in the world. Avian use

null 45 Sep 12, 2022