Chapter 1. Concepts and tools
In this chapter, we’ll introduce the key Microsoft Windows operating system (OS) concepts and terms we’ll be using throughout this book, such as the Windows API, processes, threads, virtual memory, kernel mode and user mode, objects, handles, security, and the registry. We’ll also introduce the tools that you can use to explore Windows internals, such as the kernel debugger, the Performance Monitor, and key tools from Windows Sysinternals (http://www.microsoft.com/technet/sysinternals). In addition, we’ll explain how you can use the Windows Driver Kit (WDK) and the Windows Software Development Kit (SDK) as resources for finding further information on Windows internals. Be sure that you understand everything in this chapter; the remainder of the book is written assuming that you do.

Windows operating system versions

This book covers the most recent version of the Microsoft Windows client and server operating systems: Windows 10 (