|
Yeah he is a pretty cool guy, unforunately a lot changed in XP...but the Crazyl0rd's site is still good. I've noticed however that with some kernel knowledge and IDA+WinDBG+SoftICE+Debug Symbols you can pretty much figure it out by yourself.
Oh and check out www.reactos.com...we are re-writing the NT Kernel from scratch (no diassesmbling is allowed, only profiling and knowledge or re-implementations) so some of our code is very close to how NT really works (even though it's not the exact same thing, because we can't reverse).
Best regards,
Alex Ionescu
http://www.relsoft.net
|