To understand a kernel injector, one must understand the Windows NT kernel structures. The process generally follows five steps:
Because modern operating systems enforce strict Driver Signature Enforcement (DSE), an injector must secure access to Ring 0. This is accomplished in one of two ways: kernel injector