Or, on how to use the (Windows 10) new field _ETHREAD.ThreadName to stabilize kernel RW primitives

SetThreadDescription() as a way to allocate controlled kernel pools

Keeping on with experimenting wit…
Still on my way to learning the Windows kernel, I spend a considerable amount of time in WinDbg Preview. I’ve been scripting my way to understand its components, the last in date was nt!ObpRootDirectoryO…
A few scrap notes about my migration from VirtualBox to Hyper-V (in case I attempt to do the same again in the future 😁)

Moving a VirtualBox VM to Hyper-V

Hyper-V doesn’t support OVF/OVA format, but i…
Here’s a simple trick that I learned from the amazing @scanlime to quickly (and universally) visualize the distribution of bytes in any binary file, using the Portable Graymap (PGM) format. …
If WinDbg was already setting the standard of what modern debuggers should be like, no doubt WinDbg Preview brings it to the next level. The JavaScript API is not perfect yet but already very efficient,…