A forum for reverse engineering, OS internals and malware analysis 

Forum for discussion about kernel-mode development.
Forum Statistics Last post
4 Replies 
 9233 Views
 by Victor43
 Mon May 15, 2017 8:32 pm
How to link with ntoskrnl.lib?
by grechkoed  - Mon Apr 24, 2017 8:28 am
4 Replies 
 9942 Views
 by tangptr
 Tue Apr 25, 2017 12:55 pm
Thread Context Switch Callback
by sima  - Tue Apr 18, 2017 3:35 pm
0 Replies 
 6798 Views
 by sima
 Tue Apr 18, 2017 3:35 pm
4 Replies 
 19066 Views
 by pwnslinger
 Mon Mar 27, 2017 12:29 pm
7 Replies 
 19629 Views
 by 0xf0f
 Wed Mar 15, 2017 12:01 pm
MM code bug check for vad erase
by 0xf0f  - Mon Mar 13, 2017 7:30 am
5 Replies 
 10926 Views
 by 0xf0f
 Wed Mar 15, 2017 11:59 am
9 Replies 
 17294 Views
 by Vrtule
 Wed Mar 08, 2017 5:55 pm
Integrity check of DLL from Driver
by evelyette  - Wed Feb 22, 2017 11:26 pm
3 Replies 
 10145 Views
 by Vrtule
 Thu Feb 23, 2017 9:04 am
KdPrint not working
by guidono  - Wed Feb 22, 2017 1:59 pm
1 Replies 
 7558 Views
 by Vrtule
 Wed Feb 22, 2017 7:51 pm
1 Replies 
 9437 Views
 by ithurricane
 Thu Feb 16, 2017 2:53 am
Mapping ntdll.dll into kernel-mode memory
by evelyette  - Fri Feb 10, 2017 11:01 pm
2 Replies 
 8771 Views
 by evelyette
 Mon Feb 13, 2017 6:50 pm
Callback on ZwOpenSection
by dazzer  - Mon Jan 16, 2017 4:09 pm
2 Replies 
 8917 Views
 by s0me
 Fri Feb 03, 2017 1:09 pm
ntkrnlmp.pdb for Win10 64-bit Build 14393?
by mkroll  - Wed Nov 30, 2016 8:19 am
1 Replies 
 19030 Views
 by mkroll
 Wed Nov 30, 2016 5:10 pm
StartService very slow
by halouworld  - Wed Sep 28, 2016 3:20 pm
0 Replies 
 19879 Views
 by halouworld
 Wed Sep 28, 2016 3:20 pm
what is the best way for communicate with Disk?
by parviz  - Tue Sep 27, 2016 6:31 am
0 Replies 
 7295 Views
 by parviz
 Tue Sep 27, 2016 6:31 am
iphlpapi.dll RPC target
by Vrtule  - Mon Aug 22, 2016 2:04 pm
3 Replies 
 10427 Views
 by Vrtule
 Sun Aug 28, 2016 6:20 pm
ZwDuplicateObject FAILED on WIN10
by myid  - Sat Aug 13, 2016 8:05 am
5 Replies 
 10633 Views
 by myid
 Sun Aug 28, 2016 4:49 pm
Determine NtUser indexes dynamically
by flauteABC  - Tue Jun 14, 2016 2:56 pm
2 Replies 
 12369 Views
 by EP_X0FF
 Sat Jul 02, 2016 10:40 am
5 Replies 
 12500 Views
 by Victor43
 Wed Jun 08, 2016 6:50 am
Basics of Windows Kernel Internals
by TSION  - Fri May 20, 2016 1:11 am
0 Replies 
 7880 Views
 by TSION
 Fri May 20, 2016 1:11 am
Callback on NtReadVirtualMemory
by segark  - Sun May 01, 2016 4:56 pm
5 Replies 
 11804 Views
 by segark
 Sun May 08, 2016 4:33 pm
how to locate and walk the TCP stack ?
by Victor43  - Fri May 06, 2016 4:27 pm
0 Replies 
 6845 Views
 by Victor43
 Fri May 06, 2016 4:27 pm
Static bypass patchGuard and DSE on win8.1
by kz丶cn  - Fri Apr 22, 2016 3:21 pm
3 Replies 
 19468 Views
 by kz丶cn
 Mon Apr 25, 2016 7:37 am
Write to win32k .text on Windows 10 x64
by flauteABC  - Tue Apr 12, 2016 3:06 pm
4 Replies 
 9983 Views
 by Dmitry Varshavsky
 Sat Apr 16, 2016 10:44 pm
Small kernel rootkit "PhoenixKit"
by Microwave89  - Sun Aug 31, 2014 1:25 am
16 Replies 
 27800 Views
 by gpcity
 Thu Apr 14, 2016 3:07 am
  • 1
  • 2
  • 3
  • 4
  • 5
  • 14