Note: Supplemental materials are not guaranteed with Rental or Used book purchases.
Purchase Benefits
What is included with this book?
Alex Ionescu is a chief software architect and consultant expert in low-level system software, kernel development, security training, and reverse engineering. He teaches Windows internals course with David Solomon, and is active in the security research community.
Introduction | |
Structure of the Book | |
History of the Book | |
Sixth Edition Changes | |
Hands-on Experiments | |
Topics Not Covered | |
A Warning and a Caveat | |
Acknowledgments | |
Errata & Book Support | |
We Want to Hear from You | |
Stay in Touch | |
Concepts and Tools | |
Windows Operating System Versions | |
Foundation Concepts and Terms | |
Digging into Windows Internals | |
Conclusion | |
System Architecture | |
Requirements and Design Goals | |
Operating System Model | |
Architecture Overview | |
Key System Components | |
Conclusion | |
System Mechanisms | |
Trap Dispatching | |
Object Manager | |
Synchronization | |
System Worker Threads | |
Windows Global Flags | |
Advanced Local Procedure Call | |
Kernel Event Tracing | |
Wow64 | |
User-Mode Debugging | |
Image Loader | |
Hypervisor (Hyper-V) | |
Kernel Transaction Manager | |
Hotpatch Support | |
Kernel Patch Protection | |
Code Integrity | |
Conclusion | |
Management Mechanisms | |
The Registry | |
Services | |
Unified Background Process Manager | |
Windows Management Instrumentation | |
Windows Diagnostic Infrastructure | |
Conclusion | |
Processes, Threads, and Jobs | |
Process Internals | |
Protected Processes | |
Flow of CreateProcess | |
Thread Internals | |
Examining Thread Activity | |
Worker Factories (Thread Pools) | |
Thread Scheduling | |
Processor Share-Based Scheduling | |
Dynamic Processor Addition and Replacement | |
Job Objects | |
Conclusion | |
Security | |
Security Ratings | |
Security System Components | |
Protecting Objects | |
The AuthZ API | |
Account Rights and Privileges | |
Access Tokens of Processes and Threads | |
Security Auditing | |
Logon | |
User Account Control and Virtualization | |
Application Identification (AppID) | |
AppLocker | |
Software Restriction Policies | |
Conclusion | |
Networking | |
Windows Networking Architecture | |
Networking APIs | |
Multiple Redirector Support | |
Distributed File System Namespace | |
Distributed File System Replication | |
Offline Files | |
BranchCache | |
Name Resolution | |
Location and Topology | |
Protocol Drivers | |
NDIS Drivers | |
Binding | |
Layered Network Services | |
Conclusion | |
About The Authors | |
More Resources for Developers | |
Microsoft Press® books | |
Find the Right Resource for You | |
Table of Contents provided by Publisher. All Rights Reserved. |
The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.