Resources



Books on Windows Kernel Mode Development
Name | Author | Publication
Windows 7 Device Driver | Ronald Reeves | Addison-Wesley
Developing Drivers with the Windows Driver Foundation | P.Orwick, G.Smith | Microsoft Press
Programming the Microsoft Windows Driver Model (2nd Ed.) | Walter Oney | Microsoft Press
Introduction to Windows Driver Foundation | P.Viscarola, T.Mason, et al | OSR Press
The Windows 2000 Device Driver Book (2nd Ed.) | A.Baker & J.Lozano | Prentice Hall
Windows NT Device Driver Development | P.Viscarola & T.Mason | OSR Press
Developing Windows NT Device Drivers | E.Dekker & J.Newcomer | Addison-Wesley
Writing Windows WDM Device Drivers | Chris Cant | CMP Books

Books on Windows Internals, Systems Programming and Debugging
Name | Author | Publication
What Makes it Page | Enrico Martignetti | CreateSpace
Windows Internals (6th Ed.) Part 1 & 2 | M.Russinovich, D.Solomon & A.Ionescu | Microsoft Press
Inside Windows Debugging | Tarik Soulami | Microsoft Press
Windows Debugging Practical Foundations | Dmitry Vostokov | OpenTask
x64 Windows Debugging Practical Foundations | Dmitry Vostokov | OpenTask
Memory Dump Analysis Anthology (Volume 1-6) | Dmitry Vostokov | OpenTask
Advanced Windows Debugging | M.Hewardt, D.Pravat | Addison-Wesley
Advanced .NET Debugging | M.Hewardt | Addison-Wesley
Debugging Applications for Microsoft .NET and Microsoft Windows | John Robbins | Microsoft Press
Windows NT File System Internals | R.Nagar & T.Mason | OSR Press
Windows via C/C++ | J.Richter & C.Nasarre | Microsoft Press
Windows NT/2000 Native API Reference | Gary Nebbett | MTP
Undocumented Windows 2000 Secrets: A Programmer's Cookbook | Sven B. Schreiber | Addison-Wesley
Windows 2000 Kernel Debugging | Steven McDowell | Pearson Education
Undocumented Windows NT | P.Dabak, S.Phadke & M.Borate | M&T Books

Books on Windows Reverse Engineering, Rootkits & Security
Name | Author | Publication
Practical Reverse Engineering | B.Dang, A.Gazet, E.Bachaalany & S.Josse | Wiley
Practical Malware Analysis | M.Sikorski & A.Honig | No Starch Press
Malware Analyst's Cookbook and DVD | M.Ligh, S.Adair, B.Hartstein & M.Richard | Wiley
The Rootkit Arsenal | Bill Blunden | Wordware
The Art of Computer Virus Research and Defense | Peter Szor | Addison-Wesley
Rootkits: Subverting the Windows Kernel | G.Hoglund & J.Butler | Addison-Wesley
Reversing: Secrets of Reverse Engineering | Eldad Eilam | Wiley
Hacker Disassembling Uncovered | Kris Kaspersky | A-List Publishing
Hacking: The Art of Exploitation | Jon Erickson | No Starch Press
Exploiting Software: How to Break Code | G.Hoglund & G.McGraw | Addison-Wesley
Professional Rootkits | Ric Vieler | Wrox P2P
Rootkits Spyware/Adware, Keyloggers and Backdoors | Oleg Zaytsev | A-List
Disassembling Code | Vlad Pirogov | A-List
Gray Hat Python | Justin Seitz | No Starch Press
The IDA PRO Book 2nd Ed. | Chris Eagle | No Starch Press

Web Sites
Crash Dump Analysis and Debugging Portal
NDIS Developers Reference
Undocumented Windows Native Functions
Uninformed
Open Reverse Code Engineering
CodeBreakers Journal
Virus Bulletin
Reverse Engineering Team
Open Malware (Offensive Computing)

Blogs
Advanced Windows Debugging and Troubleshooting
The Invisible Things Lab's blog
Stuff mostly about Windows Fundamentals
Windows, WinDBG, IDA, and Oxford commas
Of Filesystems And Other Demons
Mark Russinovich's Blog
Confessions of an Old Fogey
j00ru//vx tech blog
Nynaeve (Ken Johnson's Blog)
The Old New Thing
Hex-Rays Blog
Corelan Team's
VUPEN Vulnerability Research Team
Exodus Intelligence
Adobe Product Security Incident Response Team
Journey Into Incident Response
Windows Incident Response
gb_master's /dev/null
Didier Stevens
Positive Research Center
Carnal Ownage

Security Conferences
RSA Conference
BlackHat
Defcon
BSides
ReCon
Hack In The Box (HITB)
Hack.LU
ShmooCon
NULLCon
CanSecWest
PacSec
EUSecWest
Hack in Paris
SyScan
44Con
Positive Hack Days
DerbyCon
Notacon
GrrCON
SecTor
CONFidence
Power Of Community (POC)
ToorCon
Hacks in Taiwan (HITCON)
XCon
BruCON
Ruxcon
KiwiCON
RootedCON
Code Blue
Troopers
CarolinaCON
Shakacon

Newsgroups & Forums
Reddit - Reverse Engineering
StackExchange - Reverse Engineering
Woodmann - RCE Forums
Windows WDK and Driver Development
Windows Filtering Platform (WFP)
Winsock Kernel (WSK)