Blog

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 8

Alan Sguigna

July 21, 2024
1:04 pm

This article uses the SourcePoint JTAG debugger to explore the very earliest part of the Windows boot flow, where the Secure Kernel is initialized in VTL 0 by the Windows and Hypervisor loaders.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 7

Alan Sguigna

July 14, 2024
8:41 pm

Architectural Event Trace (AET) can only be used with JTAG. This blog describes the use of AET to explore Windows Hyper-V and the Secure Kernel.

Dramatically Reduce Test Times With Fast Programming

John Akin

June 18, 2024
4:09 am

New techniques are significantly reducing in-system programming times. Learn about the three mechanisms for programming flash memory via ScanWorks.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 6

Alan Sguigna

June 16, 2024
11:56 am

Learning more about Hyper-V by following Connor McGarr's footsteps in his blog, Windows Internals: Dissecting Secure Image Objects - Part 1.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 5

Alan Sguigna

March 25, 2024
3:11 pm

In the last couple of articles in this series, I’ve focused on basic run-control debugging used in conjunction with Intel Processor Trace (Intel PT). In this installment, we’ll start looking at the use of Architectural Event Trace (AET) to explore the Windows hypervisor, and how MSR accesses in particular are handled.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 4

Alan Sguigna

March 17, 2024
4:14 pm

In this article, we’ll look at some of the fields within the VMCS, and change them to combat some of the mitigations against instruction trace within Windows.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 3

Alan Sguigna

March 3, 2024
1:34 pm

Debugging the Secure Kernel with JTAG, EXDI, LBR and Intel PT.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 2

Alan Sguigna

February 20, 2024
10:16 am

In Part 1 of this article series, I demonstrated the use of EXDI with DCI to explore the Windows hypervisor. In this article, we’ll take a first look at the Windows Secure Kernel.

Five Reasons Why You Should Consider ASSET’s Managed Services

Michael Johnson

February 15, 2024
10:44 am

ASSET’s Managed Services solution bridges the boundary scan knowledge gap and is a valuable resource during each phase of a product's lifecycle.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 1

Alan Sguigna

January 15, 2024
6:30 pm

I’m having a tremendous amount of fun learning about Windows internals with the new support of WinDbg via our SourcePoint JTAG debugger. This is a multi-part series on exploring some of the undebuggable code within the Windows hypervisor and secure kernel.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 8

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 7

Dramatically Reduce Test Times With Fast Programming

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 6

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 5

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 4

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 3

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 2

Five Reasons Why You Should Consider ASSET’s Managed Services

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 1

Archives

Categories