Mastering
Windows Internals
Mastering
Windows Internals
Mastering
Windows Internals
Learn how to navigate the complex Windows kernel, understand the lifecycle of binaries, grasp the intricacies of authentication and authorization, explore various persistence techniques, and gain a deep understanding of the Windows Registry.
Learn how to navigate the complex Windows kernel, understand the lifecycle of binaries, grasp the intricacies of authentication and authorization, explore various persistence techniques, and gain a deep understanding of the Windows Registry.
Learn how to navigate the complex Windows kernel, understand the lifecycle of binaries, grasp the intricacies of authentication and authorization, explore various persistence techniques, and gain a deep understanding of the Windows Registry.
Get a special offer
Get access
Get hands-on experience with a diverse toolkit that includes lesser-known open-source tools and paid software, enabling you to put your knowledge into practice effectively.
deepen your comprehension
of crucial cybersecurity concepts
deepen your comprehension
of crucial cybersecurity concepts
deepen your comprehension
of crucial
cybersecurity
concepts
improve your skill set
improve your skill set
improve your
skill set
explore new
career prospects
in the cybersecurity
field
explore new career prospects
in the cybersecurity field
explore new
career prospects
in
the cybersecurity field
Get access to the course
Get access to the course
Course outline
Course outline
1.Talking to the Windows Kernel
1.Talking to the Windows Kernel
1.Talking to the Windows Kernel
We kick off with a highly engaging topic - BYOVD or Bring Your Own Vulnerable Driver. Rather than struggling to get into the Windows kernel, you can leverage code that already has permission to run there. You can halt what seems unstoppable, read what appears unreadable, or even crash the system due to a minor error. This module explains syscalls, IOCTLs, and FCTLs. You can anticipate a lot of C programming, but the silver lining is that it's primarily about interpreting the code already prepared for you.
We kick off with a highly engaging topic - BYOVD or Bring Your Own Vulnerable Driver. Rather than struggling to get into the Windows kernel, you can leverage code that already has permission to run there. You can halt what seems unstoppable, read what appears unreadable, or even crash the system due to a minor error. This module explains syscalls, IOCTLs, and FCTLs. You can anticipate a lot of C programming, but the silver lining is that it's primarily about interpreting the code already prepared for you.
2.EXEs, DLLs, and Other Binaries
2.EXEs, DLLs, and Other Binaries
2.EXEs, DLLs, and Other Binaries
Running an EXE file is simple - a double-click suffices. But what transpires thereafter? How are required binaries located, loaded, utilized, or misused? Brace yourself for a journey into processes, PE files, search orders, and PEBs. And not to forget, LOLBins.
Running an EXE file is simple - a double-click suffices. But what transpires thereafter? How are required binaries located, loaded, utilized, or misused? Brace yourself for a journey into processes, PE files, search orders, and PEBs. And not to forget, LOLBins.
3. Authentication and Authorization
3. Authentication and Authorization
3. Authentication and Authorization
In the realm of security, the two paramount questions are "Who are you?" and "What are you trying to do?". In this module, we delve into the mechanisms that answer these crucial questions. We concentrate on local mechanisms (no Active Directory this time), allowing us to investigate more deeply.
In the realm of security, the two paramount questions are "Who are you?" and "What are you trying to do?". In this module, we delve into the mechanisms that answer these crucial questions. We concentrate on local mechanisms (no Active Directory this time), allowing us to investigate more deeply.
4. Persistence Techniques
4. Persistence Techniques
4. Persistence Techniques
We don't question whether you're attacking or defending Windows systems. However, irrespective of your role, you should understand how an operating system can be manipulated to execute atypical code. While we won't cover all methods, I will strive to present a systematic approach and categorization, enabling you to attack or defend Windows systems as per your requirements.
We don't question whether you're attacking or defending Windows systems. However, irrespective of your role, you should understand how an operating system can be manipulated to execute atypical code. While we won't cover all methods, I will strive to present a systematic approach and categorization, enabling you to attack or defend Windows systems as per your requirements.
5. Windows Registry
5. Windows Registry
5. Windows Registry
I won't be showing you how to change the desktop wallpaper or enable SMB Signing. But if you aspire to do that someday, you'll understand how the data is recorded, where it's stored, and how the operating system uses it. You'll also comprehend why one of the most frequently used Registry keys doesn't actually exist and what transpires if the path contains more than 512 levels. And yes, we'll delve into some even more nerdy stuff.
I won't be showing you how to change the desktop wallpaper or enable SMB Signing. But if you aspire to do that someday, you'll understand how the data is recorded, where it's stored, and how the operating system uses it. You'll also comprehend why one of the most frequently used Registry keys doesn't actually exist and what transpires if the path contains more than 512 levels. And yes, we'll delve into some even more nerdy stuff.
6. The Toolkit
6. The Toolkit
6. The Toolkit
The course wouldn't be complete without tools. At times it's lesser-known open-source software, at others, it's appropriately configured Sysinternals utilities that you use every day, and sometimes it's reasonably priced commercial software. I will share what tools I use and, more importantly, how I use them. By the end of the course, you'll have acquired the knowledge that empowers you to continue your learning journey independently.
The course wouldn't be complete without tools. At times it's lesser-known open-source software, at others, it's appropriately configured Sysinternals utilities that you use every day, and sometimes it's reasonably priced commercial software. I will share what tools I use and, more importantly, how I use them. By the end of the course, you'll have acquired the knowledge that empowers you to continue your learning journey independently.
Mastering Windows Internals Course
Mastering
Windows Internals Course
Course Access Only
Access to course with carefully curated collection of crucial modules that will elevate your expertise in cybersecurity, specifically focusing on mastering Windows Internals.
$499 one-time payment
Access to 6 x 90-min recorded sessions
based on the Course Outline
Lifetime access to
all the recordings and future updates
Get Course Access
$499
$499 one-time payment
Course + Community Access
Access to relevant stuff that matters for those who want to be smarter about Microsoft Security, level up cybersecurity skills, and accelerate a career.
$799 one-time payment
Everything in Course Access
2 live sessions per month from
Grzegorz Tworek and external guest speakers
Recordings of all previous sessions
Lifetime access to the community
of 150+ cybersecurity professionals
Get Community Access
$799
$799 one-time payment
Who is Mastering Windows Internals for
Who is Mastering Windows Internals for
You're ready
to delve deeper
You're ready
to delve deeper
but unsure of the most effective path to advance your knowledge.
but unsure of the most effective path to advance your knowledge.
You have extensive experience
in cybersecurity
You have extensive experience
in cybersecurity
but you feel like you've hit a plateau.
but you feel like you've hit a plateau.
You're eager to tackle more
complex challenges
You're eager to tackle more
complex challenges
but the landscape of Windows internals seems vast and overwhelming.
but the landscape of Windows internals seems vast and overwhelming.
You want to upskill
You want to upskill
but the thought of self-guided learning feels too daunting and unstructured.
but the thought of self-guided learning feels too daunting and unstructured.
You want to stand out
in your field
You want to stand out
in your field
but are unsure how to elevate your expertise beyond the norm.
but are unsure how to elevate your expertise beyond the norm.
Perhaps you're already
a seasoned professional
Perhaps you're already
a seasoned professional
but you feel like you're not progressing at the pace you anticipated.
but you feel like you're not progressing at the pace you anticipated.
Maybe you're a penetration tester, a security researcher,
or a system administrator
Maybe you're a penetration tester, a security
researcher, or a system administrator
and you're ready for the next step, but you need
the right course to guide you.
and you're ready for the next step, but you need
the right course to guide you.
Who is Mastering
Windows Internals for
You're eager
to tackle more
complex challenges
but the landscape of Windows internals seems vast and overwhelming.
You want
to upskill
but the thought of self-guided learning feels too daunting and unstructured.
You want to stand
out
in your field
but are unsure how to elevate your expertise beyond the norm.
Perhaps you're
already a seasoned
professional
but you feel like you're not progressing at the pace you anticipated.
You're ready
to delve deeper
but unsure of the most effective path to advance your knowledge.
You have extensive
experience in
cybersecurity
but you feel like
you've hit
a plateau.
Maybe you're
a penetration tester,
a security researcher,
or a system
administrator
but you feel like
you've hit
a plateau.
Mastering Windows Internals
Course Access Only
Access to course with carefully curated collection of crucial modules that will elevate your expertise in cybersecurity, specifically focusing on mastering Windows internals.
$499
$499 one-time payment
Access to 6 x 90-min recorded sessions
based on the Course Outline
Lifetime access to
all the recordings and future updates
Get Course Access
Course + Community Access
Access to relevant stuff that matters for those who want to be smarter about Microsoft Security, level up cybersecurity skills, and accelerate a career.
Everything in Course Access
2 live sessions per month from Grzegorz
Tworek and external guest speakers
Recordings of all previous sessions
Lifetime access to the community
of 150+ cybersecurity professionals
Get Community Access
$799
$799 one-time payment
Curated by Grzegorz Tworek
Curated by Grzegorz Tworek
Curated by Grzegorz Tworek
Microsoft MVP, Security Fanatic, personified Windows Defender. Member of Microsoft Security Trusted Advisors and the Microsoft Springboard Technical Experts Panel.
Led the Windows Team in the NATO Cooperative Cyber Defence Centre of Excellence’s Locked Shields exercises in 2021, 2022, and 2023.
Also has a contribution to the GitHub Archive Program’s Arctic Code Vault and has been nominated as a Microsoft Most Valuable Professional for 17 consecutive years, starting from 2007.
Trusted by professionals
Trusted by professionals
Tomasz Onyszko
CTO of Predica, Microsoft
Regional Director
(ex 14 times MVP)
In its unique way, Grzegorz knows how to convey his deep knowledge in real-world use cases and scenarios. Learning with him and tapping into his way of thinking is
a one-of-a-kind learning experience.
John Hammond
Cybersecurity Researcher,
Educator
The way Greg (Grzegorz) presents topics is truly engaging and fascinating. His knowledge is of high quality and top-notch. If you want to dive deeper into Microsoft Security, learning from him is a must.
Piotr Więcek
Freelance Offensive
Security Specialist
Grzegorz is a recognized expert in the field of Windows, excelling at simplifying complex topics for easy understanding.
The materials he presented during the sessions helped me improve my skills as a penetration tester.
FAQ
FAQ
Is it a monthly payment?
Is there any guarantee?
Is it exclusively for professionals?
Time to master Windows Internals
Catch the Cyber Monday offer!
Available only until November 27, 2023.
Catch the Cyber Monday offer!
Available only until November 27, 2023.
Get access
© 2023 gtworek.com