The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
I was reading this paper : Exposing Bootkits with BIOS Emulation
and in it there is a sudo code for using ATA PIO mode to read from disk and bypass rootkit hooks, but there is not much information about it and it doesn't explain how to implement it and doesn't explain it
so is there any open source project or a book or something that i can look at that does this or at least explains in detail how its done? the lowest level programming i have done is writing simple minifilter drivers and such, so i've never implemented something this low level close to hardware
also is this possible to do from user-mode or it has to be implemented in a kernel module?
|Upcoming OSR Seminars|
|OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!||Kernel Debugging||30 Mar 2020||OSR Seminar Space|
|Developing Minifilters||15 Jun 2020||LIVE ONLINE|
|Writing WDF Drivers||22 June 2020||LIVE ONLINE|
|Internals & Software Drivers||28 Sept 2020||Dulles, VA|