NT kernel resources
http://www.alex-ionescu.com/wloo-talk.pdf
Introduction to NT Internals.pdf
http://www.osronline.com
NT kernel resource links
http://msdn.microsoft.com/en-us/magazine/default.aspx
http://www.nondot.org/sabre/os/articles
Rootkits:
Rootkits : Subverting The Windows Kernel
Shadow Walker Raising the Bar for Windows Rootkit Detection
Rootkits Detection Windows Systems
Managed Code Rootkits
http://ntcore.com [.NET Internals and Code Injection] [.NET Internals and Native Compiling]
.NET Framework Rootkits: Backdoors inside your Framework
CLR Injection: Runtime Method Replacer
Other useful articles
Peering Inside the PE written at 1994
An In-Depth Look into the Win32 Portable Executable File Format[1][2]
User Mode Debugging Internals [1], [2], [3]
Nt vs. Zw - Clearing Confusion On The Native API
Understanding the Low Fragmentation heap
Practical Windows XP/2003 Heap Exploitation
The_Windows_XP_IRP_Completion_Primer.pdf
I/O File System Filter Driver for Windows NT
posted on
