This version was published on 2022-01-22

There is nothing like the power of the kernel in Windows - but how do you write kernel drivers to take advantage of that power? This book will show you how.

The book describes software kernel drivers programming for Windows. These drivers don't deal with hardware, but rather with the system itself: processes, threads, modules, Registry, and more. Kernel code can be used for monitoring important events, preventing some from occurring if needed. Various filters can be written that can intercept calls that a driver may be interested in.

The second edition expands on existing topics, and adds new topics, such as using the Windows Filtering Platform, and describing advanced programming techniques.

Table of Contents

Introduction

Chapter 1: Windows Internals Overview

Chapter 2: Getting Started with Kernel Development

Chapter 3: Kernel Programming Basics

Chapter 4: Driver from Start to Finish

Chapter 5: Debugging and Tracing

Chapter 6: Kernel Mechanisms

Chapter 7: The 1/0 Request Packet

Chapter 8: Advanced Programming Techniques (Part 1)

Chapter 9: Process and Thread Notifications

Chapter 10: Object and Registry Notifications

Chapter 11: Advanced Programming Techniques (Part 2)

Chapter 12: File System Mini-Filters

Chapter 13: The Windows Filtering Platform

Chapter 14: Introduction to KMDF

Chapter 15: Miscellaneous Topics

Appendix: The Kernel Template Library

About the Author

Pavel Yosifovich is a developer, trainer, author, and speaker. Pavel loves all things software and still sometimes misses his old Commodore 64. He's also a PluralSight author and a Microsoft MVP.