I don’t know if this is the right place to ask in, but I was playing around with the ExitBootServices function that is always called when the Boot time ends and the OS takes control (Runtime). I made UEFI DXE driver that hooks the ExitBootServices function and added it to my BIOS with MMTool. Now I can execute any code everytime right before the Runtime starts. I was able to get the memory address of OslFwpKernelSetupPhase1, the function of the Windows boot loader that calls the ExitBootServices function.
I am looking for specs/documentations about the boot loading stages of Windows, like any structures etc. I couldn’t really find much so I’m asking here. This is technically still firmware/UEFI as all the stuff happens during Boot time.
So if anyone has any sources I can read about that I’d greatly appreciate that 