I found and read this question but I didn't found my answer SSDT hooking alternative in x64 systems I want to protect my application against termination by other programs. In the 32Bit version of w...

I'm trying to get WinDbg debugging over the network to work, but it always loses connections after I break into the debugger (Debug->Break), and then try to start it again (Debug->Go). However, if ...

I've been searching for a clear difference b/w a Sensitive and Privileged instruction but its all blurry right now. As far as i know: A sensitive instruction NEEDS TO trap to kernel mode if execut...

how can I obtain runtime information about which version of kernel is running from inside linux kernel module code (kernel mode)?

I am trying to run following code, which was copied from here. I have made few changes to run it with older kernel versions. When I insert kernel module, nlmsg_multicast() fails and logs as nlmsg...

I'm building a HW-simulator for our driver team. Now, the simulator is devided in to 2 modules: First module runs inside the driver, in kernel mode and that's where the main interface between the d...

Is there a way to get function caller in linux kernel? I know __func__ returns the function name which is executing. I am looking for the function which called "__func__"

So one of the nice features of virtualbox is to have snapshots that you can restore later on. However, when doing kernel debugging with virtualbox and windbg, a debugging session is not restored u...

What is the difference between NtCreateProcess and ZwCreateProcess? In ntdll.dll, both NtCreateProcess and ZwCreateProcess point to exactly the same address

I would like to learn more about osdev. So I thought about learning from other small kernels to get better at osdev. Is there any good kernel for learning osdev? Of course it needs to be GPL ...