Learn how to use the Windows Application Verifier infrastructure to inject a DLL and hook

Pavel Yosifovich explains Windows logon sessions: what they hold, why tokens exist as separate objects,

Pavel Yosifovich walks through the full Visual Studio workflow for embedding custom binary resources in

Pavel Yosifovich shows how Windows PE custom resources work — and how Process Explorer bundles

Learn how the COM class moniker and CoGetObject work: registry lookup, MkParseDisplayName, and IMoniker::BindToObject —

Learn how to use TdhGetEventInformation and TdhFormatProperty in C++ to decode ETW event names, keywords,

Learn how to consume real-time ETW events in C++ using Win32 APIs. Pavel walks through

Control Panel is still supported, which means you can still build your own applets. This

In a previous post we hid a Windows service using a UI tool. This post