Pavel Yosifovich

Developer, trainer, author and (sometimes) speaker. Founder of TrainSec Academy.

25+ years as Software developer, trainer, consultant, author, and speaker. Co-author of “Windows Internals”. Author of “Windows Kernel Programming”, “Windows 10 System Programming, as well as System and kernel programming courses on PentesterAcademy, and “Windows Internals” series of courses on PluralSight.

Books and publications

Courses by Pavel Yosifovich

$690 or 5 × $145

Modern C++ Programming course

Trainer: Pavel Yosifovich

201 Lessons |

31:51:00 Hrs

$490 or 5 × $99

Windows Kernel Programming 1

Trainer: Pavel Yosifovich

74 Lessons |

21:30:00 Hrs

The course provides the foundations for the most common software device drivers that are useful not just in cyber security, but also other scenarios, where monitoring and sometimes prevention of operations is required.

Windows Kernel Programming 2

Trainer: Pavel Yosifovich

24 Lessons |

06:30:00 Hrs

Continuing from where “Windows Kernel Programming 1” left off, this course covers file system mini-filters, some advanced techniques, and an introduction to KMDF.

$270 or 3 × $95

Advanced Windows Kernel Programming

Trainer: Pavel Yosifovich

85 Lessons |

30:42:00 Hrs

The Advanced Windows Kernel Programming course is designed for experienced Windows developers and security researchers who want to deepen their understanding of kernel-level programming. This course builds upon foundational knowledge and explores advanced techniques for writing efficient, stable, and secure Windows kernel drivers.

$950 or 7 × $142

User Mode Programming Bundle

Trainer: Pavel Yosifovich

252 Lessons |

53:24:00 Hrs

$690 or 5 × $140

Rust Programming Masterclass

Trainer: Pavel Yosifovich

125 Lessons |

17:54:00 Hrs

The Rust programming language promises to be safe, fast and productive. Created by Mozilla, Rust provides high level features while maintaining control and safety for low level code if required. Rust plays in the same playing field as C/C++ but is fit for any kind of software, from low-level system code to servers, clients and anything in between.

GUI Programming with WTL

Trainer: Pavel Yosifovich

79 Lessons |

12:07:12 Hrs

Would you like to write applications for Windows with a graphical user interface (GUI) using C++? You may have programmed many command line applications and tools, but how about some GUI? Menus, toolbars, list views, tree views, and graphics? This course shows you how to use WTL and C++ to create GUI applications for Windows.

$295 or 3 × $100

x64 Architecture and Programming (Part 2)

Trainer: Pavel Yosifovich

43 Lessons |

07:12:00 Hrs

Continuing from where part 1 left off, this course digs deeper into the x64 architecture.

$490 or 5 × $99

x64 Architecture and Programming (Part 1)

Trainer: Pavel Yosifovich

81 Lessons |

14:12:00 Hrs

x64 processors are the most used processors on which Windows and Linux systems run. Understanding how these processors work is essential when working closely with the OS, such as when debugging, reverse engineering, or researching.

$749 or 5 × $150

Windows System Programming Bundle

Trainer: Pavel Yosifovich

158 Lessons |

34:06:00 Hrs

Leverage the Windows API in this “Windows System ProgramminLeverage the Windows API in this “Windows System Programming” bundle!g” bundle!

$249 or 2 × $130

Windows Internals: Day 5

Trainer: Pavel Yosifovich

48 Lessons |

08:18:00 Hrs

The last “day” in the Windows Internals series is about the I/O System and Security.

$139

Windows Internals: Day 4

Trainer: Pavel Yosifovich

31 Lessons |

05:18:00 Hrs

Continuing the “Windows Internals” series, day 4 deals with Memory Management.

$849 or 6 × $148

Windows Internals Bundle

Trainer: Pavel Yosifovich

211 Lessons |

39:12:00 Hrs

Bundle of the set of 5 Windows Internals courses.

Sysinternals Tools Deep Dive 1

Trainer: Pavel Yosifovich

32 Lessons |

04:31:12 Hrs

The Sysinternals tools from Microsoft are useful for any power user on Windows. This course demonstrates some of the tools in detail while adding Windows Internals information. Supporting tools are also used that augment the information provided by the Sysinternals tools.

$49

Pavel Tools

Trainer: Pavel Yosifovich

11 Lessons |

8 Files Downloads |

Many of my tools in a convenient installer (installer and binaries are signed). All updates are free.

COM Programming 2

Trainer: Pavel Yosifovich

36 Lessons |

06:48:00 Hrs

Continuing from where “COM Programming 1” left off, this course teaches COM automation, EXE Servers, and COM Threading and Apartments.

$390 or 4 × $99

COM programming 1

Trainer: Pavel Yosifovich

58 Lessons |

12:30:00 Hrs

COM provides an abstraction and supporting runtime for creating component-based systems, leveraging loose coupling and independence of programming language. Many Windows components are exposed through COM, which also forms the basis of the Windows Runtime.

Windows Internals: Day 3

Trainer: Pavel Yosifovich

49 Lessons |

07:30:00 Hrs

Day 3 deals with various kernel mechanisms.

$199 or 2 x $105

Windows Internals: Day 2

Trainer: Pavel Yosifovich

49 Lessons |

10:18:00 Hrs

Following “Day One”, this course continues with Windows Internals details, discussing Processes, Jobs, and Threads.

$199 or 2 × $105

Windows Internals: Day 1

Trainer: Pavel Yosifovich

34 Lessons |

7:48:00 Hrs

This course provides the fundamentals of Windows. This will get you up to speed with the Windows core concepts and architecture.

$175 or 2 X $92

Mastering WinDbg

Trainer: Pavel Yosifovich

67 Lessons |

11:06:00 Hrs

WinDbg is a powerful Microsoft debugger, able to debug user mode and kernel mode code. This course shows the major aspects of working with WinDbg, in user and kernel mode, with and without source code.

$340 or 4 × $85

Windows System Programming 1

Trainer: Pavel Yosifovich

48 Lessons |

13:12:00 Hrs

The Windows system-level API provides a rich infrastructure for building Windows applications, whether client, server, and anything in between. This course guides the learner through the intricacies of the Windows API, while getting a deeper understanding of Windows mechanisms.

$295 or 3 × $99

Windows System Programming 2

Trainer: Pavel Yosifovich

64 Lessons |

11:36:00 Hrs

Continuing from where “Windows System Programming 1” left off, this course deals with Jobs, Threads, Thread Synchronization, I/O, and Memory.

$199 or 2 × $100

Windows System Programming 3

Trainer: Pavel Yosifovich

46 Lessons |

09:18:00 Hrs

Continuing from where “Windows System Programming 2” left off, the last part deals with Dynamic Link Libraries, Security, COM Fundamentals, and basic Windowing.

Posts and articles by Pavel Yosifovich

Writing a WinDbg Extension: Streamline Your Debugging Workflow

Pavel Yosifovich March 17, 2025

Note: This blog post is designed to complement the accompanying video embedded at the top

Understanding UAC Virtualization: A Security Mechanism for Legacy Applications

Pavel Yosifovich March 17, 2025

In this video, we dive deep into User Account Control (UAC) Virtualization—a feature introduced in

Windows Insider Green Screen of Death showing a frowny face and crash information.

Exploring the Blue Screen of Death: A Practical Deep Dive

Pavel Yosifovich February 17, 2025

Dive into Pavel’s latest post exploring the Windows Blue Screen of Death—what triggers it, why

RunDll32

Understanding RunDLL32: Leveraging Dynamic Function Invocation

Pavel Yosifovich January 13, 2025

Unlock the power of RunDLL32! Learn how to execute DLL functions, invoke control panel dialogs,

Shell Icon Handler extension

Pavel Yosifovich January 9, 2025

Shell extensions are a powerful feature of the Windows shell that allow developers to extend

Understanding the Differences Between CreateProcessAsUser and CreateProcessWithTokenW in Windows

Pavel Yosifovich December 17, 2024

In this video, we dive into two powerful Windows API functions—CreateProcessAsUser and CreateProcessWithTokenW—that allow you

simple rpc client

Building a Simple RPC Client and Server: A Step-by-Step Guide

Pavel Yosifovich November 20, 2024

Remote Procedure Calls (RPC) are a fundamental mechanism in distributed computing, allowing functions to execute

NTFS Alternate Stream

Exploring NTFS Alternate Streams: A Hidden Gem of the Windows File System

Pavel Yosifovich November 20, 2024

Note: This blog post is designed to complement the accompanying video embedded at the top

writing a simple windows service

Writing a Windows Service

Pavel Yosifovich November 10, 2024

Introduction: Writing a Windows Service Hi, and welcome to this video on writing a Windows

Windows services

Introduction to Windows Services

Pavel Yosifovich November 10, 2024

Welcome to this video about Windows Services. In this video, we’ll cover the basics of

Windows Performance Analyzer

Introduction to the Windows Performance Analyzer

Pavel Yosifovich November 10, 2024

Hi, and welcome to this video about an introduction to the Windows Performance Analyzer. We’re

Sharing Kernel Objects by Name – Perks and Perils

Pavel Yosifovich September 13, 2024

Some Windows kernel object types can have string-based names, which is one way such objects

Keyboard Hook with with Image File Execution Options

Pavel Yosifovich August 25, 2024

Keyboard hooking using Image File Execution Options and pretending to be a debugger.

Process Handles and Identifiers

Maximum Handles in a process

Pavel Yosifovich August 13, 2024

Ever wondered how many handles you can create in a process? Each process has its

CrowdStrike and the Formidable BSOD

Pavel Yosifovich July 21, 2024

Millions of machines around the world crashed a few days ago, showing the dreaded “Blue

Building a Process Tree

Pavel Yosifovich July 15, 2024

In Windows, every process is associated with a parent process, usually the one created it.

“Application Types” on Windows

Pavel Yosifovich July 8, 2024

There are many processes running on a typical Windows system – here are some of

Code Injection with Image File Execution Options

Pavel Yosifovich July 8, 2024

A well-known features of Windows is the Image File Execution Options registry key located in