Kernel Patching Protection Explained #shorts
About this talk
Driver signing and Kernel Patching Protection (KPP) basics: How Windows protects the kernel. Understand the basics of KPP and Kernel ASLR. #bsidesfrankfurt #bsides #bsidesfra #juansacco #KernelPatching #DriverSigning
Show transcript [en]
Driver signing. I already explained it a little bit of what driver signing is. Um then you have patchwire or KP kernel patchic protection that basically at runups intervals it will look into uh specific places a specific critical functions of the kernel and then if it finds that something is has been modified blue screen of dead and and it you don't know when it's gonna when it's gonna when it's going to run. Uh so a way to bypass this is to modify it, do your thing and then modify it back. Um then you also have uh kernel ASLR. So other space like real randomization in kernel.
Related talks
0:38Microsoft Security: Safe PC or Password Risk? #shorts
BSides Frankfurt
0:41IP Geolocation Inaccuracy: Understanding Network Routing #shorts
BSides Frankfurt
0:18Vibe Coding Explained: Simple Rules for Secure Programs #shorts
BSides Frankfurt
0:22Microsoft Shared Folder Error 1272: Security Policy Explained #shorts
BSides Frankfurt
0:25Impossible Game Bot: The Ultimate Training Data Challenge #shorts
BSides Frankfurt
1:22Microsoft Share Error: Security Policies & Honeypot Gold! #shorts
BSides Frankfurt