@alansguigna

Joined: 20.11.2024
Latest posts by @alansguigna

My upcoming webinar will demonstrate the intersection between AI, decompilation technologies, and JTAG-based dynamic analysis of Windows' internals and threats. The event is on Tuesday, July 15th at 10am Central Time. The registration page is here: attendee.gotowebinar.com/register/854...

10.06.2025 13:02 👍 0 🔁 0 💬 0 📌 0
Our VMCS Viewer/Editor visually displays all registers with bit names and tooltips that show the full descriptions. And you can modify any bit(s) you want, interactively or automated.

20.01.2025 13:20 👍 0 🔁 0 💬 0 📌 0
Debugging SMM with JTAG | ASSET InterTech With JTAG, it is possible to debug System Management Mode (SMM) in ways never before possible.

Almost magical: using JTAG to debug SMM: www.asset-intertech.com/resources/bl...

12.01.2025 19:06 👍 0 🔁 0 💬 0 📌 0
From the archives: my webinar video recording on debugging Hyper-V, the Secure Kernel, VBS, WDAC, and other Windows security features: attendee.gotowebinar.com/recording/35...

10.01.2025 18:49 👍 0 🔁 0 💬 0 📌 0
I had a blast doing the research for Part 2 of my series on using JTAG to debug Hypervisor-Managed Linear Address Translation (HLAT): www.asset-intertech.com/resources/bl.... In this blog, I used SourcePoint to pinpoint where in the boot flow HLAT is enabled on Alder Lake performance cores.

30.12.2024 20:20 👍 1 🔁 1 💬 0 📌 0
My webinar on Hyper-V, Secure Kernel, Defender, etc. debug is right around the corner: Thursday, Dec. 12th at 10:30am Central Time. Even if you can't attend the live session, registering will get you access to the recorded video; the registration link is: attendee.gotowebinar.com/register/751...

11.12.2024 22:34 👍 1 🔁 0 💬 0 📌 0
Debugging the Secure Kernel with WinDbg.

I'll be presenting a webinar on using JTAG to debug Windows Hyper-V, the Secure Kernel, WDAC, VBS Enclaves, and lots of other interesting security features. The event is on Thursday, December 12th at 10:30am USA Central Time. To attend, register here: attendee.gotowebinar.com/register/751...

21.11.2024 22:31 👍 0 🔁 0 💬 0 📌 0
JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 8 | ASSET InterTech This article uses the SourcePoint JTAG debugger to explore the very earliest part of the Windows boot flow, where the Secure Kernel is initialized in VTL 0 by the Windows and Hypervisor loaders.

If you want to break into the Secure Kernel in VTL0 versus VTL1, you should use the ENABLEJTAGBREAK bcdedit element as described here: www.asset-intertech.com/resources/bl... or via the bootmgfw.efi hack in the latest Windows Canary Build as per here: www.asset-intertech.com/resources/bl....

20.11.2024 00:08 👍 0 🔁 0 💬 0 📌 0