dll编写相关:链接:https://www.cnblogs.com/talenth/p/9585208.html
dll劫持:链接:https://www.cnblogs.com/wayuzhi/p/4152516.html
dll相关:链接:http://www.voidcn.com/article/p-pohgxapy-su.html
com编程相关:链接:https://blog.csdn.net/wenzhou1219/article/details/51637291
com in plain c:链接:https://www.codeproject.com/Articles/13601/COM-in-plain-C
windows服务程序编写:链接:https://www.cnblogs.com/songtzu/p/3543920.html
process hollowing:链接:https://github.com/m0n0ph1/Process-Hollowing
对bootkit Pitou的一些分析,有不少有用的信息,链接:https://www.tgsoft.it/english/news_archivio_eng.asp?id=884
32位虚拟地址转换为物理地址,链接:https://bbs.pediy.com/thread-180989.htm
64位虚拟地址转换为物理地址,链接:https://bbs.pediy.com/thread-203391.htm
PDE-PTE相关:链接:https://blog.csdn.net/q1007729991/article/details/52723478
windows驱动模型发展的历史:链接:https://www.cnblogs.com/vcerror/p/4289029.html
大宝库:链接:https://github.com/hfiref0x/al-khaser/tree/master/al-khaser
