//Topic
Best Windows Internals books
4 books in our catalog cover Windows Internals, ranked by rating. Each entry is an opinionated review with who the book is for and who should skip it.
01 · 2024
Windows Security Internals
A Deep Dive into Windows Authentication, Authorization, and Auditing
Forshaw takes apart the Windows security model from the SRM and access tokens up through Kerberos, with live PowerShell you can run against your own machine. The most authoritative single source on how Windows actually decides who can do what.
Advanced5/5James Forshaw02 · 2017
Windows Internals, Part 1
System architecture, processes, threads, memory management, and more
The canonical Microsoft Press reference on Windows internals: how processes, threads, memory and system services are actually implemented in the modern Windows kernel. User-mode focus in this volume.
Advanced5/5Pavel Yosifovich, Alex Ionescu, Mark Russinovich, David Solomon03 · 2019
Rootkits and Bootkits
Reversing Modern Malware and Next Generation Threats
Matrosov, Rodionov and Bratus on persistent, deeply-embedded malware: kernel rootkits, MBR/UEFI bootkits, and the forensic techniques that surface them. Strongly Windows-internals oriented.
Advanced4/5Alex Matrosov, Eugene Rodionov, Sergey Bratus04 · 2014
Practical Reverse Engineering
x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
A working reverser's textbook from three Microsoft / Quarkslab veterans, covering the architectures and toolchain you'll actually meet on real targets, including the Windows kernel and modern obfuscation patterns.
Advanced4/5Bruce Dang, Alexandre Gazet, Elias Bachaalany