ndisapi
libwfp
WFPFirewall
simplewall

anycall

awesome-windows-kernel-security-development
Windows-Kernel-Explorer
WindowsResearchKernel-WRK
procfilter
KernelMon
Windows10-CustomKernelSigners
reactos
ProcMonXv2
sandbox-attacksurface-analysis-tools

fishhook -> macOS
minhook
Detours

Windows-driver-samples
WindowsInternals

sysinternals-source

windows source

windows
WinNT5_src_20201004
WinNT4

macos
MACF
windows
ObRegisterCallbacks -> process/thread
https://learn.microsoft.com/zh-cn/windows-hardware/drivers/ddi/wdm/nf-wdm-obregistercallbacks
FltRegisterFilter -> file/stream
delete -> IRP_MJ_CLEANUP

https://www.cnblogs.com/LittleHann/articles/4844874.html

Application-layer API -> TDI -> protocol driver -> NDIS -> underlying hardware

DPC APC RPC LPC
https://blog.csdn.net/m0_37567738/article/details/129083327

Learning Linux Driver Development from Scratch (Part 1)
https://paper.seebug.org/779/

Disabling driver signature verification
https://blog.csdn.net/culun797375/article/details/108840980
TestSignMode
Driver Signature Enforcement
https://github.com/HyperSine/Windows10-CustomKernelSigners/blob/master/README.zh-CN.md

Softirqs, tasklets and work queues in the Linux kernel explained (very detailed)
https://www.bilibili.com/read/cv17094615