Windows Internals for Reverse Engineers

Learn the internals of the Windows NT kernel architecture, including Windows 10 “Threshold 2” and “Redstone 1”, as well as Server 2016, in order to learn how rootkits, PLA implants, NSA backdoors, and other kernel-mode malware exploit the various system functionalities, mechanisms and data structures to do their dirty work. Also learn how kernel-mode code operates and how it can be subject to attack from user-mode callers to elevate their privileges. Finally, learn how CPU architecture deeply ties into OS design, and how Intel, ARM and AMD’s mistakes can lead to more pwnage.

BIO

Alex Ionescu is the Chief Architect at CrowdStrike, Inc. Alex is a world-class security architect and consultant expert in low-level system software, kernel development, security training, and reverse engineering. He is coauthor of the last two editions of the Windows Internals series, along with Mark Russinovich and David Solomon. His work has led to the fixing of many critical kernel vulnerabilities, as well as over a few dozen non-security bugs.

Previously, Alex was the lead kernel developer for ReactOS, an open source Windows clone written from scratch, for which he wrote most of the Windows NT-based subsystems. During his studies in Computer Science, Alex worked at Apple on the iOS kernel, boot loader, and drivers on the original core platform team behind the iPhone, iPad and AppleTV. Alex is also the founder of Winsider Seminars & Solutions Inc., a company that specializes in low- level system software, reverse engineering and security trainings for various institutions. In the last three years, he has also contributed to patches and development in two major commercially used operating system kernels.

More details coming soon