March 2023

eBPF programming on Windows

eBPF is (now!) a cross-platform technology with origins in the Linux kernel that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without having to change kernel source code or write drivers with the native kernel APIs. …

Getting your minifilter signed from Microsoft

Illustration by @Megha. Edited by @Freya Fannie. This document outlines the steps to get a minifilter signed by Microsoft, including registering for the Windows Hardware Dev Center program, purchasing an EV code signing certificate, and using the Windows Hardware Certification Kit (HCK) or Windows Hardware Lab Kit (HLK) to run tests and submit a test …
