Category Archives: Windows Internals

Understanding Atom Tables

Atom Tables have been a structure on Windows which I wanted to investigate for a while, but only have managed to find the time to write about now. Atom Tables enable strings to be encoded by with a 16-bit integer … Continue reading

Posted in Computer Science, WinDbg, Windows Internals | Leave a comment

The Complete Debugging Guide to Stop 0x124 – Part 3

In the previous two parts, we examined error packets and error records, now we will begin to discuss the debugging methodology involved with a Stop 0x124 bugcheck, and how to gather useful debugging information from the dump file using WinDbg. … Continue reading

Posted in Computer Science, Debugging, Stop 0x124, WinDbg, Windows Internals | 1 Comment

The Complete Debugging Guide to Stop 0x124 – Part 2

We looked at the error packets in the first part, but now we need to investigate the structure of error records, and understand how to gather useful information from these error records to assist us in our debugging efforts. There … Continue reading

Posted in Computer Science, Debugging, Stop 0x124, WinDbg, Windows Internals | Leave a comment

The Complete Guide to Debugging a Stop 0x9F

I’ve written quite a few article about this bugcheck in the past, however, at the time of writing for those articles, some of my knowledge wasn’t as complete as it is now. I was relatively new to debugging and many … Continue reading

Posted in Debugging, Stop 0x9F, WinDbg, Windows Internals | 2 Comments

WinDbg Commands and Extensions – SwishDbgExt Library

The SwishDbgExt library contains a number of interesting extensions which are imperative for deep debugging results. The SwishDbgExt library was written by Matt Suiche. Note: If you wish to use the ProcDumpExt DLL for WinDbg, and also view the help … Continue reading

Posted in Computer Science, Debugging, WinDbg, Windows Internals | Leave a comment

Windows Access Tokens – !token and _TOKEN

Windows needs to ensure that untrusted code and untrusted users aren’t accessing important areas of the operating system, and creating problems which would ultimately lead to a vast number of BSODs. Windows manages this through Access Tokens which are used … Continue reading

Posted in Debugging, System Security, WinDbg, Windows Internals | Leave a comment

Windows Integrity Levels – Process Explorer and WinDbg

From Windows Vista onwards, Microsoft has placed a substantially greater focus on the security of the operating system, which is one of the areas most users will neglect and then later come to complain about. In this article I’m going … Continue reading

Posted in Debugging, System Security, Windows Internals | 1 Comment