Category

Windows Internals

blue depth
blue depth

Running an Executable as SYSTEM: Unlocking Windows Privilege Escalation Techniques

April 17, 2025

In this hands-on session, Pavel Yosifovich demonstrates how to launch a process under the SYSTEM account without relying on external tools like PsExec. You’ll learn how to:
Identify SYSTEM processes and extract their access tokens, Use Windows APIs like OpenProcessToken, DuplicateTokenEx, and CreateProcessWithTokenW, Troubleshoot access denial issues, deal with protected processes, and understand session contexts

Dive in

Understanding UAC Virtualization: A Security Mechanism for Legacy Applications

March 17, 2025

In this video, we dive deep into User Account Control (UAC) Virtualization—a feature introduced in Windows Vista to balance security with compatibility for legacy applications. We explore why applications written for Windows XP assumed administrative privileges and how UAC virtualization helps mitigate security risks while maintaining functionality.

You’ll see a hands-on demonstration of how UAC virtualization works, including how it redirects file writes from system directories to per-user locations.

Dive in
Windows Insider Green Screen of Death showing a frowny face and crash information.

Exploring the Blue Screen of Death: A Practical Deep Dive

February 17, 2025

Dive into Pavel’s latest post exploring the Windows Blue Screen of Death—what triggers it, why it’s actually a safeguard rather than a punishment, and how to investigate crashes with powerful tools like WinDbg and Driver Verifier. This guide offers invaluable insights for TrainSec students, especially those following the Windows Internals Master path, looking to sharpen their debugging skills and elevate their mastery of the Windows kernel.

Dive in
RunDll32

Understanding RunDLL32: Leveraging Dynamic Function Invocation

January 13, 2025

Unlock the power of RunDLL32! Learn how to execute DLL functions, invoke control panel dialogs, and test custom DLLs with our latest guide. Packed with examples and insights, this post is part of the free TrainSec Knowledge Library—your go-to resource for mastering Windows tools.

Dive in
Shell Icon Handler extension

Shell Icon Handler extension

January 9, 2025

Shell extensions are a powerful feature of the Windows shell that allow developers to extend and customize the functionality of File Explorer (formerly Windows Explorer) and any other applications utilizing the same interfaces. These extensions are implemented as COM objects and can take various forms, including context menu handlers, property sheet handlers, drag-and-drop handlers, and icon handlers. In this post, we will focus on creating an icon handler, a type of shell extension that enables dynamic customization of file icons based on specific file properties.

Dive in

Understanding the Differences Between CreateProcessAsUser and CreateProcessWithTokenW in Windows

December 17, 2024

In this video, we dive into two powerful Windows API functions—CreateProcessAsUser and CreateProcessWithTokenW—that allow you to start a new process under a different user context. You’ll learn when to use each function, what privileges and services they depend on, and how to overcome common pitfalls. The video demonstration includes live coding examples, troubleshooting steps, and insights into managing tokens, sessions, and user profiles.

Dive in
simple rpc client

Building a Simple RPC Client and Server: A Step-by-Step Guide

November 20, 2024

Remote Procedure Calls (RPC) are a fundamental mechanism in distributed computing, allowing functions to execute seamlessly across different systems or processes as if they were local. This post walks you through creating a basic RPC server and client using Microsoft’s RPC framework, focusing on clarity and simplicity.

Dive in

Pick Your Path and Join the Elite

Windows Master Developer

Takes you from a “generic” C programmer to a master Windows programmer in user mode and kernel mode.
Become Master Developer
Windows Internal master badge

Windows Internals Master

Broadens and deepens your understanding of the inner workings of Windows.
Become Windows internals Master
Hardware Hacking expert course badge

Hardware Hacking Expert​

Transform yourself from a novice to a seasoned hardware hacking expert.
Become HW Hacking Expert
Windows Security Researcher Badge

Windows Security Researcher

Provides the necessary knowledge, understanding, and tools to be a successful Windows OS researcher.

Become Security Researcher

You can learn for free

We’ll keep you up to date with the latest trends, free content and discounts

Pavel Yosifovich

Software developer, trainer, consultant, author, and speaker. Co-author of “Windows Internals” 7th edition (2017). Author of “Windows Kernel Programming, 2nd ed” (2023), “Windows 10 System Programming Part 1” (2020) and Part 2 (2021).

@zodiacon

Uriel kosayev

Uriel Kosayev

Security researcher, consultant, and the author of the Antivirus Bypass Techniques book who lives both on the offensive and defensive fronts. Passionate about malware research, and red teaming while providing real-world security solutions. 

@MalFuzzer

Amichai Yifrach

Amichai Yifrach

30+ years of hands-on experience, Inventor, systems & electronics engineer, expert program manager, coder, cyber security researcher and startups mentor. Expert in Hardware-firmware-software integrated systems development

@The_H1tchH1ker

Useful Resources

Pavel’s GitHub
Pavel’s Books
Uriel’s GitHub
Antivirus Bypass Techniques Book

Learning Paths

Windows Master Developer
Windows Internals Master
Windows Security Researcher
Hardware Hacking Expert

Let's Connect

Contact Us
Join our Discord community

@2025 TrainSec. All rights reserved. Terms of Use | Privacy Policy