Bridging Networks with Windows Packet Filter

By | November 14, 2016

Why do I need to bridge or a couple of real life cases when you may need an alternative to built-in Windows network bridge. Over ten years has passed since I have published the first version of Ethernet Bridge. The main purpose of this simple tool, inspired by Steve Gibson from Gibson Research Corporation, was supporting OpenVPN in… Read More »

Microsoft Edge and ProtectedHomepages

By | May 11, 2016

Recently I have had a small but curious research project with the requirement to decrypt ProtectedHomepages binary value stored under [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected – It is a violation of Windows Policy to modify. See aka.ms/browserpolicy]. While googling around the problem I have seen a related question on StackOverflow, so I decided that it may have sense to share the… Read More »

Windows Packet Filter and Gigabit networks

By | April 6, 2016

There is a very popular and important question about Windows Packet Filter: “Can I handle Gigabit traffic in WinpkFilter user-mode application without noticeable performance degradation?” I was asked quite often and usually my answer starts with “that depends…” followed up by various performance related considerations and ends with a sentence “if you need maximum possible performance then consider… Read More »

How to customize and build Windows Packet Filter drivers

By | March 1, 2016

Windows Packet Filter source code layout When you install Windows Packet Filter Source Code package you have got the folder named Kernel under the main installation folder with the following structure: /bin – contains driver’s binaries for all supported Windows versions /common – contains the source code shared along all supported Windows versions. If you plan to build… Read More »

Inside PsExec remote administration

By | March 24, 2004

This is a short reverse engineering review of one useful remote administration utility originally authored by Mark Russinovich (you can download it from Microsoft web-site here). Original version of this review was published on this site in 2004, but since the utility is still very popular and users are interested about its internal design I decided to slightly… Read More »