Reversing : The Hacker's Guide to Reverse Engineering

CHAPTER 3

Windows Fundamentals

Operating systems play a key role in reversing. That’s because programs are tightly integrated with operating systems, and plenty of information can be gathered by probing this interface. Moreover, the eventual bottom line of every program is in its communication with the outside world (the program receives user input and outputs data on the screen, writes to a file, and so on), which means that identifying and understanding the bridging points between application programs and the operating system is critical.

This chapter introduces the architecture of the latest generations of the Microsoft Windows operating system, which is the operating system used throughout this book. Some of this material is quite basic. If you feel perfectly comfortable with operating systems in general and with the Windows architecture in particular, feel free to skip this chapter.

It is important to realize that this discussion is really a brief overview of information that could fill several thick books. I’ve tried to make it as complete as possible and yet as focused on reversing as possible. If you feel as if you need additional information on certain subjects discussed in this chapter, I’ve listed a couple of additional sources at the end of this chapter.
