Відео

Im very hyped for COM content. Im still very new and trying to learn com and winapi for amusement. Bought 'windows via c/c++' by Jeffrey Richter recently. I still have alot of work to do but Im planning on reading your book on native windows next. Is it just me or is com content on youtube really scarce?

Great video Pavel

This is great. Will you cover more COM things in the future e.g. the COM threading model (sta, mta) in future videos? I'm trying to find good COM resources for colleagues and they don't seem to like to read books :( your videos are perfect for the younger guys honestly.

Is it possible to query the ETW for the Event fields with logman instead than using ETW explorer?

Very nice! well explained! respect for boiling down this intricate stuff into sth ingestible and digestible! Also respect for the 128 GiB RAM machine 😅

Hi, How this percentage for CPU hard limit is going change based on Hardware? Based on system I am seeing value has different effect.

hi, is it possible to convert a dll to .exe trainer?

YOU the MAN PAVEL

Thanks for your video Pavel, honestly you helping people to learn really fundamental things of windows for free . You the best

Try launching a fork bomb!😅

One of my favorite channels. Keep these videos coming, please!

Beautiful work! Love this!

always a good day when PAVEL POST :)

thx thxthxthxthxththx

Thank you very much for sharing you knowledge, I know you have a course about this on trainsec but if possible please create a video teaching the basic of wdf.

PAVEL

nice video, i have nearly watched the whole yt channel

good stuff my man

PAVEL you are the man !!

If I will patch all telemetry hardcoded ip's inside windows, then windows at boot will stop working?

smartt man!!

Great video as always, what i think would be really interesting is a video about networking internals of windows because i never found a lot of information about that. Ive read Windows internals 7th edition part 1 and am currently reading part 2 but there isnt anything about networking.

got to say the one thing I appreciate the most about all of what you are doing is the dedication to digging to the exact fact i need to see to verify what you're saying is true. windows makes that very hard.

Your registry tool is using old style look and feel scroll bars. Maybe you are missing the v6 common controls XML manifest?

Thank you for the great video. I am wondering if we need thread-synchronization especially for the wchar process name changed by the configurator process and used inside the compare function inside the .dll? Also what about memory barriers so that writes to pid and process name are actually flush the store buffer and can be observed by dll inside task manager? I'm a total noob on this and I am probably wrong. I would be grateful if you could add a short explanation why we don't need to care about these threading-problems in this case. Thanks a lot

can you use modular arithmetic for getting chunks?

Thanks.

Great video! Are you using an extension for syntax highlighting? If so, which one? Thanks!

Great content. Plenty to refer to in the future. Thanks!

Recently took the Rust class. You're genuinely a wizard. Absolutely brilliant work again.

Hello, how are you? I want to ask you how to load dll from byte array

Nice! I was thinking about C++ constexpr function converting from module name and function name to a hash. Then searching the module list and export list hashing each element and comparing it to pre-computed hashes. This way you hide the strings from anti virus and from offline analyzers. But no, Pavel ecrypted the whole thing. Nice. Possible red flag would be running code that is not mapped to any file (that modified pages after decryption).

Hi Pavel, Thanks for tutorials...But all your tutorial is injected to already running process.. How about Create new process and inject in to it? My current problem is create new progress (Ex Notepad) and inject to it..but sometime it work...sometime it dont...I dont know why...just assume dll injected when nodepad process not full loaded

Super explanation

Очень полезное видео, но не совсем понял один момент. Каким образом новый поток с точкой входа в функции GetProcAddress() заставляет в дальнейшем исполнить LoadLibraryA(dllpath)?

high quality content

My idea would be to split the work to fixed number of chunks, like 1024. Then spawn the same number of threads as I have number of processors. Or maybe add one or two threads more in case of some thread gets stuck on I/O for a while, so the extra threads could run in meantime. Then each thread would repeatedly take one work chunk form shared queue until the queue is empty. This is more work for the programmer, but I believe the CPU utilization will be more even. For example when the work items are part of image that needs to be processed in some way (ray casting). Or when converting video file. If some part of the image is solid color or if some part of video is still then the speedup would be still (close to) linear.

Thank you 4 ur videos

can ye spawn a new userinteractive session and then connect it to console?

Waht font are you using?

Can we expect videos based on NtAPIs instead of win32APIs ^_^ ?

Great! I learned and studied a lot from your 'Parent Process vs. Creator Process' blog post. That's a really cool code, but it would have been nice if you put the CREATE_NEW_CONSOLE flag in when calling the CreateProcess because the 0xC0000142 error occurs if the process you're trying to spoil is the console process. And some uwp apps, such as calc.exe, do not have this spoofing. Anyway, thank you so much for sharing that information through blogs and UA-cam.

I am getting an error where it keeps saying hDll could be '0; this does not adhere to the specification for the function 'GetProcAddress'

pavel will you make a video on WTL in the future?

You the best ❤

Dude you explained some things I didnt know and ot really helped thanks. Most youtubers ignore some important details and itsannoying

yeaah new video.