Tutorials
Windows InternalsHAL and Ntoskrnl: The Kernel Core ComponentsDive deep into hal.dll and ntoskrnl.exe — the two Ring 0 binaries at the foundation of Windows. Learn their architecture, boot handoff,…Read →Windows InternalsUser Mode vs Kernel Mode: Privilege Rings and the BoundaryExplore how Windows enforces the Ring 3 / Ring 0 boundary using CPU privilege levels, traces the full SYSCALL dispatch path through…Read →Windows InternalsHandle Tables & Object ManagerUnderstand the role and internals of the Windows Object Manager, the structure and purpose of handle tables, kernel object creation and management,…Read →Windows InternalsMemory Management InternalsUnderstand the internal architecture and functionality of Windows memory management, including virtual memory, physical memory mappings, distinctions between stack and heap allocations,…Read →Windows InternalsThreads and the TEB (Thread Environment Block)Understand the internal workings of threads on Windows, the lifecycle of a thread from creation to termination, the critical role of the…Read →Windows InternalsWindows Process Creation Internals & PEBDeeply understand how Windows creates new processes, detailing the internal workings of the CreateProcess API, kernel object management, memory mapping, and the…Read →Exploit Developmentx86 and x64 Assembly from ScratchTo gain a deep, foundational understanding of how x86 and x64 assembly work, from CPU registers and calling conventions to memory addressing…Read →Exploit DevelopmentWhat is Exploit Development?To build a comprehensive understanding of what exploit development is, its goals, classifications, and how attackers leverage vulnerabilities to hijack program execution.…Read →Windows InternalsPE File Format Deep DiveUnderstand the internal structure of Windows Portable Executable (PE) files, including the DOS and NT headers, section table, and directory structures like…Read →Windows InternalsWindows Services & SCM InternalsUnderstand the architecture and functioning of Windows services, how the Service Control Manager (SCM) manages service lifecycles, service types, and dependencies, and…Read →Windows InternalsWindows Scheduled TasksUnderstand the architecture and internals of Windows Task Scheduler, how scheduled tasks are created and executed, and how adversaries abuse them for…Read →Windows InternalsWindows Registry InternalsExplore the internal structure and functionality of the Windows Registry, including its hive-based architecture, key-value model, data types, and how it enables…Read →