Blog

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 6

Alan Sguigna

June 16, 2024
11:56 am

Learning more about Hyper-V by following Connor McGarr's footsteps in his blog, Windows Internals: Dissecting Secure Image Objects - Part 1.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 5

Alan Sguigna

March 25, 2024
3:11 pm

In the last couple of articles in this series, I’ve focused on basic run-control debugging used in conjunction with Intel Processor Trace (Intel PT). In this installment, we’ll start looking at the use of Architectural Event Trace (AET) to explore the Windows hypervisor, and how MSR accesses in particular are handled.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 4

Alan Sguigna

March 17, 2024
4:14 pm

In this article, we’ll look at some of the fields within the VMCS, and change them to combat some of the mitigations against instruction trace within Windows.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 3

Alan Sguigna

March 3, 2024
1:34 pm

Debugging the Secure Kernel with JTAG, EXDI, LBR and Intel PT.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 2

Alan Sguigna

February 20, 2024
10:16 am

In Part 1 of this article series, I demonstrated the use of EXDI with DCI to explore the Windows hypervisor. In this article, we’ll take a first look at the Windows Secure Kernel.

Five Reasons Why You Should Consider ASSET’s Managed Services

Michael Johnson

February 15, 2024
10:44 am

ASSET’s Managed Services solution bridges the boundary scan knowledge gap and is a valuable resource during each phase of a product's lifecycle.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 1

Alan Sguigna

January 15, 2024
6:30 pm

I’m having a tremendous amount of fun learning about Windows internals with the new support of WinDbg via our SourcePoint JTAG debugger. This is a multi-part series on exploring some of the undebuggable code within the Windows hypervisor and secure kernel.

WinDbg with correlated timestamps for Event and Instruction Trace

Alan Sguigna

December 17, 2023
3:44 pm

An advanced tutorial on the timestamp correlation of Windows kernel event and instruction trace, using Intel Processor Trace and Architectural Event Trace.

Managed Services Solution Bridges the Boundary Scan Knowledge Gap

Michael Johnson

November 22, 2023
6:01 am

Leveraging boundary scan provides great ROI, however, a successful product deployment requires knowledge, expertise, and planning. How do you navigate boundary scan knowledge gaps in your organization?

The US CHIPS Act 1+ Year Later – Things are Happening!

Glenn Woppman

November 8, 2023
8:40 am

Structures have been put in place. There is a commitment to funding. Strategies are being established. In this blog I cover some of the things that have happened since the passage of the CHIPS and Science Act in August last year.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 6

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 5

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 4

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 3

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 2

Five Reasons Why You Should Consider ASSET’s Managed Services

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 1

WinDbg with correlated timestamps for Event and Instruction Trace

Managed Services Solution Bridges the Boundary Scan Knowledge Gap

The US CHIPS Act 1+ Year Later – Things are Happening!

Archives

Categories