Writing a WinDbg Extension: Streamline Your Debugging Workflow

March 17, 2025

Note: This blog post is designed to complement the accompanying

Dive in

Understanding UAC Virtualization: A Security Mechanism for Legacy Applications

March 17, 2025

In this video, we dive deep into User Account Control (UAC) Virtualization—a feature introduced in Windows Vista to balance security with compatibility for legacy applications. We explore why applications written for Windows XP assumed administrative privileges and how UAC virtualization helps mitigate security risks while maintaining functionality.

You’ll see a hands-on demonstration of how UAC virtualization works, including how it redirects file writes from system directories to per-user locations.

Dive in

Understanding RunDLL32: Leveraging Dynamic Function Invocation

January 13, 2025

Unlock the power of RunDLL32! Learn how to execute DLL functions, invoke control panel dialogs, and test custom DLLs with our latest guide. Packed with examples and insights, this post is part of the free TrainSec Knowledge Library—your go-to resource for mastering Windows tools.

Dive in

Shell Icon Handler extension

January 9, 2025

Shell extensions are a powerful feature of the Windows shell that allow developers to extend and customize the functionality of File Explorer (formerly Windows Explorer) and any other applications utilizing the same interfaces. These extensions are implemented as COM objects and can take various forms, including context menu handlers, property sheet handlers, drag-and-drop handlers, and icon handlers. In this post, we will focus on creating an icon handler, a type of shell extension that enables dynamic customization of file icons based on specific file properties.

Dive in

Sharing Kernel Objects by Name – Perks and Perils

September 13, 2024

Some Windows kernel object types can have string-based names, which is one way such objects can be relatively easily shared between processes. However, it’s not all rainbows and unicorns.

Dive in