Search Results

Found 15 blog topic(s) in 2ms. The latest articles will appear on top:

• 
  Trusted Platform Module in Windows - Part 1

  How to use TPM to encrypt and decrypt small blobs of data programmatically.

  windows-internals

  tpm

  cpp

  reverse-engineer

  low-level

  win10

  win11

  August 28, 2023

  by Dennis A. Babkin

  by Rbmm
• 
  Native Functions To The Rescue - Part 1

  How to make a critical process that can crash Windows if it is closed.

  windows-internals

  undocumented

  win10

  win11

  win32

  reverse-engineer

  low-level

  August 22, 2023

  by Dennis A. Babkin

  by Rbmm
• 
  Shaky Windows All The Way

  How to perform "title bar window shake" programmatically in Windows.

  windows-internals

  undocumented

  win10

  win11

  win32

  reverse-engineer

  August 21, 2023

  by Rbmm
• 
  Things You Find While Reverse Engineering - AlertByThreadId

  How to put a thread into a kernel wait state and how to wake it up by a thread ID.

  while-re

  windows-internals

  synchronization

  low-level

  undocumented

  August 18, 2023

  by Dennis A. Babkin

  by Rbmm
• 
  Nuances of a Process Harakiri in Windows

  What is the shutdown-in-progress state of a process?

  windows-internals

  synchronization

  debugger

  low-level

  August 16, 2023

  by Dennis A. Babkin

  by Rbmm
• 
  Things You Thought You Knew - Getting Windows Version

  How to tell the "real" version of Windows your app is running on?

  windows-internals

  win32

  reverse-engineer

  undocumented

  October 20, 2022

  by Dennis A. Babkin

  by Rbmm
• 
  Crazy APIs & Silly Documentation - Part 1

  Microsoft's MSDN faux pas & weird sh*t you can find while reverse engineering Windows.

  silly-doc

  weird-api

  windows-internals

  reverse-engineer

  win10

  first post

  July 31, 2022

  by Dennis A. Babkin

  by Rbmm
• 
  Coding Windows Kernel Driver - InjectAll

  Making the Visual Studio solution for DLL injection into all running processes.

  windows-kernel

  win32

  windows-internals

  cpp

  msvs

  apc

  asm

  pe

  ...

  May 29, 2021

  by Dennis A. Babkin

  by Rbmm
• 
  Controlling Windows 10 Updates

  How to enable installation of updates or to prevent it during a reboot or shutdown.

  updates

  win10

  reverse-engineer

  windows-internals

  undocumented

  January 21, 2021

  by Dennis A. Babkin

  by Rbmm
• 
  Patching Bugs - Windows Update Service - Part 2

  Second custom patch for the DLL hijack bug in the Windows Update Service.

  win10

  updates

  bug

  reverse-engineer

  windows-internals

  January 12, 2021

  by Rbmm

  by Dennis A. Babkin
• 
  Windows Authentication & Smart Cards

  A primer on the Windows authentication process, Kerberos, smart cards and password-less entry.

  credential-provider

  win-logon

  smartcard

  win10

  windows-internals

  December 22, 2020

  by Rbmm
• 
  Depths of Windows APC

  Aspects of internals of the Asynchronous Procedure Calls from the kernel mode.

  windows-internals

  apc

  windows-kernel

  win32

  cfg

  undocumented

  asm

  November 27, 2020

  by Rbmm

  by Dennis A. Babkin
• 
  Intricacies of Windows APC

  Deep dive into user-mode Asynchronous Procedure Calls in Windows.

  windows-internals

  win32

  apc

  November 11, 2020

  by Dennis A. Babkin

  by Rbmm
• 
  Pwning Windows Updates - DLL Hijacking Through Orphaned DLL

  Exploiting bug in Windows Update Service to gain local privilege escalation through DLL hijacking.

  win10

  updates

  bug

  reverse-engineer

  windows-internals

  September 12, 2020

  by Dennis A. Babkin

  by Rbmm
• 
  Pwning Windows Kernel - Unkillable User-Mode Process - Part 2

  Technical details of the Windows 10 kernel bug - Cascade of deadlocks.

  windows-kernel

  windows-internals

  reverse-engineer

  synchronization

  bug

  September 10, 2020

  by Rbmm