There have been a lot of updates since I last blogged about this awesome set of tools; among them are updates to ProcDump, Autoruns, and PsLogList. The full details are here.
Another thing to mention is that Mark and David released the 5th Edition of their book, titled “Windows Internals 5th Edition”. You can check out the details here also. Here is a small excerpt from their site.
Delve inside Windows architecture and internals:
- Understand how the core system and management mechanisms work—from the object manager to services to the registry
- Explore internal system data structures using tools like the kernel debugger
- Grasp the scheduler’s priority and CPU placement algorithms
- Go inside the Windows security model to see how it authorizes access to data
- Understand how Windows manages physical and virtual memory
- Tour the Windows networking stack from top to bottom—including APIs, protocol drivers, and network adapter drivers
- Troubleshoot file-system access problems and system boot problems
- Learn how to analyze crashes