In this workshop we will touch upon important differences between 32-bit and 64-bit Windows.

Did you know WoW64 (Windows 32-bit on Windows 64-bit), the system that allows you to run 32-bit applications on 64-bit Windows, presents applications with a different view on the file system and the registry? Why wouldn't you use a 32-bit AV program on x64 Windows, but can you compile a 64-bit application on a 32-bit machine? Did you know 32-bit processes can't load 64-bit DLLs and 64-bit processes can't load 32-bit DLLs? Did you know that x64 shellcode is significantly different from 32-bit shellcode because of the calling convention?

Here are some of the exercises: How to develop and inject an x64 DLL - How to develop x64 shellcode - How to develop and sign an x64 kernel driver - How does WoW64 allow us to run 32-bit applications on a 64-bit system? - How do we "break" out of WoW64?

There are 9 videos covering the 8 exercises of my workshop totaling a bit more than 2 hours of viewing.

You can find video samples here.

