Keyboard Hook with with Image File Execution Options
Pavel Yosifovich
August 25, 2024
Keyboard hooking using Image File Execution Options and pretending to be a debugger.
25+ years as Software developer, trainer, consultant, author, and speaker. Co-author of “Windows Internals”. Author of “Windows Kernel Programming”, “Windows 10 System Programming, as well as System and kernel programming courses on PentesterAcademy, and “Windows Internals” series of courses on PluralSight.
$890 or 2 × $150
Learn advanced analysis techniques from real-world malware and harness this knowledge to craft your own malware, understanding attacker strategies. Empower yourself with both defensive and offensive cybersecurity skills.
Leverage the Windows API in this “Windows System Programming” bundle!
The Rust programming language promises to be safe, fast and productive. Created by Mozilla, Rust provides high level features while maintaining control and safety for low level code if required. Rust plays in the same playing field as C/C++ but is fit for any kind of software, from low-level system
Would you like to write applications for Windows with a graphical user interface (GUI) using C++? You may have programmed many command line applications and tools, but how about some GUI? Menus, toolbars, list views, tree views, and graphics? This course shows you how to use WTL and C++ to
Continuing from where part 1 left off, this course digs deeper into the x64 architecture.
x64 processors are the most used processors on which Windows and Linux systems run. Understanding how these processors work is essential when working closely with the OS, such as when debugging, reverse engineering, or researching.
Leverage the Windows API in this “Windows System Programming” bundle!
Continuing from where “Windows System Programming 2” left off, the last part deals with Dynamic Link Libraries, Security, COM Fundamentals, and basic Windowing.
Continuing from where “Windows System Programming 1” left off, this course deals with Jobs, Threads, Thread Synchronization, I/O, and Memory.
The Windows system-level API provides a rich infrastructure for building Windows applications, whether client, server, and anything in between. This course guides the learner through the intricacies of the Windows API, while getting a deeper understanding of Windows mechanisms.
The last “day” in the Windows Internals series is about the I/O System and Security.
Continuing the “Windows Internals” series, day 4 deals with Memory Management.
Bundle of the set of 5 Windows Internals courses.
The Sysinternals tools from Microsoft are useful for any power user on Windows. This course demonstrates some of the tools in detail while adding Windows Internals information. Supporting tools are also used that augment the information provided by the Sysinternals tools.
Many of my tools in a convenient installer (installer and binaries are signed). All updates are free.
Continuing from where “COM Programming 1” left off, this course teaches COM automation, EXE Servers, and COM Threading and Apartments.
COM provides an abstraction and supporting runtime for creating component-based systems, leveraging loose coupling and independence of programming language. Many Windows components are exposed through COM, which also forms the basis of the Windows Runtime.
Continuing from where “Windows Kernel Programming 1” left off, this course covers file system mini-filters, some advanced techniques, and an introduction to KMDF.
The course provides the foundations for the most common software device drivers that are useful not just in cyber security, but also other scenarios, where monitoring and sometimes prevention of operations is required.
Keyboard hooking using Image File Execution Options and pretending to be a debugger.
Ever wondered how many handles you can create in a process? Each process has its
Millions of machines around the world crashed a few days ago, showing the dreaded “Blue
In Windows, every process is associated with a parent process, usually the one created it.
There are many processes running on a typical Windows system – here are some of
A well-known features of Windows is the Image File Execution Options registry key located in
@2025 TrainSec. All rights reserved. Terms of Use | Privacy Policy
Not ready to commit to a learning pathway?
We’ll keep you up to date with the latest cybersecurity trends, free content, and discounts in our newsletter.