Power up your Windows security skills with expert guidance, in-depth technical insights, and dozens of real-world vulnerability examples from Google Project Zero’s most renowned researcher! Learn core components of the system in greater depth than ever before, and gain hands-on experience probing advanced Microsoft security systems with the added benefit of PowerShell scripts.

Windows Security Internals is a must-have for anyone needing to understand the Windows operating system’s low-level implementations, whether to discover new vulnerabilities or protect against known ones. Developers, devops, and security researchers will all find unparalleled insight into the operating system’s key elements and weaknesses, surpassing even Microsoft’s official documentation.

Author James Forshaw teaches through meticulously crafted PowerShell examples that can be experimented with and modified, covering everything from basic resource security analysis to advanced techniques like using network authentication. The examples will help you actively test and manipulate system behaviors, learn how Windows secures files and the registry, re-create from scratch how the system grants access to a resource, learn how Windows implements authentication both locally and over a network, and much more.

You’ll also explore a wide range of topics, such as:

- Windows security architecture, including both the kernel and user-mode applications
- The Windows Security Reference Monitor (SRM), including access tokens, querying and setting a resource’s security descriptor, and access checking and auditing
- Interactive Windows authentication and credential storage in the Security Account Manager (SAM) and Active Directory
- Mechanisms of network authentication protocols, including NTLM and Kerberos

In an era of sophisticated cyberattacks on Windows networks, mastering the operating system’s complex security mechanisms is more crucial than ever. Whether you’re defending against the latest cyber threats or delving into the intricacies of Windows security architecture, you’ll find Windows Security Internals indispensable in your efforts to navigate the complexities of today’s cybersecurity landscape.