Windows Nt Kernel Security presented at SyScan 2009

by Stephen Ridley,

Tags: Security Exploitation Auditing

Summary : There is very little salient information about Windows kernel auditing and kernel
exploitation techniques. This is probably due to the nature of the security industry
these days. Bugs are getting harder to find, so techniques tend to be closely held.
There have been some "primer" presentations on windows kernel security ("Attacking
the Windows Kernel" NGSSoftware, etc) and some very specific kernel exploitation
presentations on specific bugs. This presentation is more on "lessons learned" while
developing kernel security auditing tools for the Windows kernel.