How to run userland code from the kernel on Windows – Version 2.0

Introduction

2 years ago, Thierry F. wrote an article in this blog about a technique that could allow a driver to inject a DLL into a process. This was based on the reverse engineering of the field PEB.KernelCallbackTable, which is untyped and completely undocumented. You may have discovered, through the article mentioned above that,...

