Windows Internal


A comprehensive course curated for security professionals and cybersecurity analysts looking to review their Windows Internals concepts and skill sets, and bolster their foundations.

The Windows Internals Essentials focuses on building a thorough foundation in the key Operating Systems mechanisms and data structures in both ring 0 and ring 3. It is also geared to develop proficiency in Sysinternals Suite, WDK (Windows Driver Kit), Windows Debugging Tools (x86/x64) to probe the OS layers.

Benefits of choosing this course

Benefits of choosing the Windows Internal course


Get a solid grasp of the tools required to understand Windows malware and its interaction with the OS.


Understand the Windows OS system mechanisms and OS layers with a focus on the Windows kernel.


Build proficiency in Windbg/KD/LiveKD and tweak the debugger to get the level of detail required for a solid analysis.

Highlights of the Windows Internal course


Starting from setup and configuration you will cover an extensive array of Windbg commands, categorised by type, action and goal.


Hands-on lab practice for every topic covered.


Downloadable study material and self-assessments for reinforced learning.

  • Key Learning Objectives
  • Downloads
  • About
  • Key Learning Objectives

      After completing the Windows Internal course, you will be able to:
    • Enhance your knowledge about Windows System Architecture, understand how Windows works and why it behaves as it does.
    • Improve your understanding of performance behaviour of the system and make troubleshooting much easier for yourself.
    • Better understand the relation between the operating system and applications specific to the Windows platform. This knowledge can also help you debunk problems.
    • Work with Windows Objects which provide a bulk of the functionality in Windows.

    • Articulate how handles are used to access objects in Windows.
    • Learn how to develop your own Windows application in C.
    • Master the concepts of Windows Processes and Threads.
    • Grasp how Windows implements virtual memory and how it manages this subset of virtual memory kept in physical memory.
    • Learn all about Windows Portable Executable format.
    • Gain proficiency with debugging a User Mode Process.
  • Direct Downloads

    Directly download the full Learning Objectives of the course here

    Templates. Worksheets & Mind-maps

    When you enrol in this course you will have access to several worksheets & templates that you can use immediately. Take a look at the course curriculum, below, to see whats included in this course.

    The image immediately below is a gallery view of some of the templates and collateral available to students.

    Continuing Professional Development

    CPD points can be claimed for this course at the rate of 1 point per hour of training for this NCSC-certified and CIISec-approved course (8 points for one-day public course and 15 points for the two-day internal workshop - for when organisations host this course internally).

    CIPR Student-Only Incident Response Plan Template

    As a student you get access to unique content including our highly acclaimed Cyber Incident Response Plan Template. If you want, you can download the FREE version of the Incident Response Plan template here.

  • About

Sign up and Start Today


Pay-in-full in your local currency (where available)


We take all major forms of payment and we use secure checkout.

Check out our unique, affordable, subscription-based, cybersecurity services for small to medium businesses, offering 280+ services in cybersecurity.