吾爱破解 - 52pojie.cn


[Other] Windows Internals Part 1 7th Edition with Sysinternals Suite and Extra Software

InternetDog posted on 2020-9-6 15:03
This post was last edited by Pythonic_vi on 2020-9-7 13:11


The definitive guide–fully updated for Windows 10 and Windows Server 2016
Delve inside Windows architecture and internals, and see how core components work behind the scenes. Led by a team of internals experts, this classic guide has been fully updated for Windows 10 and Windows Server 2016.
Whether you are a developer or an IT professional, you’ll get critical, insider perspectives on how Windows operates. And through hands-on experiments, you’ll experience its internal behavior firsthand–knowledge you can apply to improve application design, debugging, system performance, and support.
This book will help you:
· Understand the Windows system architecture and its most important entities, such as processes and threads
· Examine how processes manage resources and threads scheduled for execution inside processes
· Observe how Windows manages virtual and physical memory
· Dig into the Windows I/O system and see how device drivers work and integrate with the rest of the system
· Go inside the Windows security model to see how it manages access, auditing, and authorization, and learn about the new mechanisms in Windows 10 and Server 2016
Table of Contents        

Chapter 1: Concepts and tools      
Windows operating system versions                              
Foundation concepts and terms     
Digging into Windows internals      
Conclusion
                             
Chapter 2:  System architecture      

Requirements and design goals      
Operating system model                          
Architecture overview                                 
Virtualization-based security architecture overview                    
Key system components                           
Conclusion
                             
Chapter 3: Processes and jobs         

Creating a process         
Process internals           
Protected processes   
Minimal and Pico processes                 
Trustlets (secure processes)               
Flow of CreateProcess                                    
Terminating a process                                
Image loader                        
Jobs                                                
Conclusion
                             
Chapter 4: Threads           

Creating threads            
Thread internals           
Examining thread activity                     
Thread scheduling      
Group-based scheduling                          
Worker factories (thread pools)         
Conclusion                           

Chapter 5: Memory management   

Introduction to the memory manager                          
Services provided by the memory manager            
Kernel-mode heaps (system memory pools)           
Heap manager                     
Virtual address space layouts            
Address translation   
Page fault handling      
Stacks      
Virtual address descriptors               
NUMA   
Section objects                 
Working sets                        
Page frame number database              
Physical memory limits                             
Memory compression                                 
Memory partitions     
Memory combining   
Memory enclaves           
Proactive memory management (SuperFetch)  
Conclusion
                             
Chapter 6: I/O system      

I/O system components                             
Interrupt Request Levels and Deferred Procedure Calls         
Device drivers                    
I/O processing                    
Driver Verifier                  
The Plug and Play manager                    
General driver loading and installation                     
The Windows Driver Foundation   
The power manager     
Conclusion  
                           
Chapter 7: Security            

Security ratings              
Security system components            
Virtualization-based security           
Protecting objects        
The AuthZ API                  
Account rights and privileges            
Access tokens of processes and threads                       
Security auditing         
AppContainers                 
Logon        
User Account Control and virtualization                  
Exploit mitigations     
Application Identification                     
AppLocker                              
Software Restriction Policies              
Kernel Patch Protection                           
PatchGuard                        
HyperGuard
Conclusion

Software for book
Sysinternals Suite:

https://docs.microsoft.com/zh-cn/sysinternals/downloads/sysinternals-suite/ or https://down.52pojie.cn/Tools/Anti_Rootkit/SysinternalsSuite.zip

Windows Internals Book 7th Edition Tools
The Windows Internals book, 7th edition Part 1, uses many tools to demonstrate various features of the Windows operating system. Most are from Sysinternals (http://www.sysinternals.com) and built-in tools. But some tools were written by Alex Ionescu and myself and used in the book; these are published here with full source code.

Please note that these tools were NOT written by or endorsed by Microsoft. They are provided "as is" without any warranties or guarantees. For all I know, they might format your hard drive or even the entire World Wide Web. :) Use at your own risk!
MIT License

Copyright (c) 2019 Pavel Yosifovich & Alex Ionescu

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.



DOWNLOAD ALL FILES HERE ==>> all.txt (57 Bytes, downloads: 111)






qttx posted on 2020-9-13 21:07
Is this for the Win7 system?

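寒冰流火 posted on 2020-9-8 14:18
Pythonic_vi posted on 2020-9-7 18:59
The translation process inevitably adds subjective content, so technical works are better read in the original; a bad translation only puts readers off and confuses them.

A bad ...

The OP takes a neutral stance, with no personal subjective views, and keeps things true to the original. Commendable. Thanks!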
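寒冰流火 posted on 2020-9-7 13:05
rep_su posted on 2020-9-7 22:16
Thanks. With the English edition I can only read it slowly.
pvoid posted on 2020-9-7 23:23
What is this? Can't you just post it directly?
xxjj999 posted on 2020-9-7 20:15
Thanks to the OP for sharing
iokeyz posted on 2020-9-7 12:55
Part 1 has been out for several years, while Part 2 keeps getting delayed and still hasn't been published
DA111 posted on 2020-9-7 19:43
I feel like the English I learned was fake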
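OP | InternetDog posted on 2020-9-7 18:22
iokeyz posted on 2020-9-7 12:55
Part 1 has been out for several years, while Part 2 keeps getting delayed and still hasn't been published

Hopefully we'll see Part 2 published before the end of the year.
The official Pearson Microsoft Press store says it will be published on December 18,
Published 12/18/2020
7th Edition
Amazon says it will be published on September 10
Publisher : Microsoft Press; 7th Edition (September 10, 2020)
I hope it isn't delayed again. Compared with the sixth edition, quite a lot has been updated.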

Drill down into Windows architecture and internals, discover how core Windows components work behind the scenes, and master information you can continually apply to improve architecture, development, system administration, and support.
Led by three renowned Windows internals experts, this classic guide is now fully updated for Windows 10 and 8.x. As always, it combines unparalleled insider perspectives on how Windows behaves “under the hood” with hands-on experiments that let you experience these hidden behaviors firsthand.
Part 2 examines these and other key Windows 10 OS components and capabilities:

    Startup and shutdown
    The Windows Registry
    Windows management mechanisms
    WMI
    System mechanisms
    ALPC
    ETW
    Cache Manager
    Windows file systems
    The hypervisor and virtualization
    UWP Activation

Revised throughout, this edition also contains three entirely new chapters:

    Virtualization technologies
    Management diagnostics and tracing
    Caching and file system support
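OP | InternetDog posted on 2020-9-7 18:59
寒冰流火 posted on 2020-9-7 13:05
It's all in English, which is hard going, but thanks to the OP for sharing anyway

The translation process inevitably adds subjective content, so technical works are better read in the original; a bad translation only puts readers off and confuses them.

A bad old translation that is often cited as an example: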
Robustness-->鲁棒性
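OP | InternetDog posted on 2020-9-7 19:14
Windows Internals 6th Edition has also been uploaded.

It is in the history directory at the attachment address.

It is still useful for those who are still holding on to Win7.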