かしわば(@kash1064)

かしわば(@kash1064)

Aspiring Reverse Engineer and CTF Player (Team: 0nePadding). Passionate about WinDbg and Anti-Virus internals. OSCP / CISSP. Working at Microsoft Japan, but all views expressed are my own.

© 2026 かえるのひみつきち

English

Windows (en)

How I Got Remote Kernel Debugging Working on Windows 11 VMs Running on Proxmox

This article summarizes my suspected cause when KDNET-based remote kernel debugging failed between Windows 11 VMs on Proxmox, how I checked the VM settings from Proxmox, how I configured dbgsettings with an explicit busparams value, and the steps that finally made it work with qm start --force-cpu host.

Read

A PART OF ANTI-VIRUS 3 - Learning Windows Filtering Platform (WFP) from Public Sample Code - (WEB Edition) [Chapter 1: Overview and Architecture of WFP]

This is the WEB edition of A PART OF ANTI-VIRUS 3 distributed at Tech Book Fest 20.

Read

A PART OF ANTI-VIRUS 3 - Learning Windows Filtering Platform (WFP) from Public Sample Code - (WEB Edition) [Chapter 2: A Sample That Uses WFP for Access Control]

This is the WEB edition of A PART OF ANTI-VIRUS 3, distributed at Technical Book Fest 20.

Read

A PART OF ANTI-VIRUS 3 - Learning Windows Filtering Platform (WFP) from Public Sample Code - (WEB Edition) [Chapter 3: A Sample That Uses a Callout Driver for Access Control]

This is the web edition of A PART OF ANTI-VIRUS 3 distributed at Technical Book Fest 20.

Read

A PART OF ANTI-VIRUS 3 - Learning Windows Filtering Platform (WFP) from Public Sample Code - (Web Edition)

This is the web edition of A PART OF ANTI-VIRUS 3, distributed at Tech Book Fest 20.

Read
Windows (en)

How to Download an Official Installer for a Visual Studio Community Edition Other Than the Latest Version from the Official Site

These are notes on how to download an official installer for a Visual Studio Community Edition other than the latest version from the official website.

Read
ClamAV (en)

Search Algorithms Powering AntiVirus 2 - Boyer–Moore (BM) & Wu-Manber (WM)

Using ClamAV as a reference, this article summarizes the Boyer–Moore (BM) and Wu-Manber (WM) algorithms that support AntiVirus pattern matching.

Read
Windows (en)

Notes on Windows Clipboard Implementation

Notes on Windows clipboard implementation.

Read

A PART OF ANTI-VIRUS 2 - Learn Windows Antimalware Scan Interface (AMSI) with Public Sample Code - (Web Edition)

This is the web edition of A PART OF ANTI-VIRUS 2 distributed at Tech Book Fest 19.

Read

A PART OF ANTI-VIRUS 2 [Chapter 1: About AMSI (Windows Antimalware Scan Interface)]

This is the web edition of A PART OF ANTI-VIRUS 2 distributed at Tech Book Fest 19.

Read

A PART OF ANTI-VIRUS 2 [Chapter 3: AMSI Provider]

This is the web edition of A PART OF ANTI-VIRUS 2 distributed at Tech Book Fest 19.

Read

A PART OF ANTI-VIRUS 2 [Chapter 2: AMSI Client Interface]

This is the web edition of A PART OF ANTI-VIRUS 2 distributed at Tech Book Fest 19.

Read