Windows Drivers Reverse Engineering Methodology
voidsec, 2023-06-14T18:11:22+02:00

With this blog post I'd like to sum up my year-long Windows driver research and share and detail my own methodology for reverse engineering (WDM) Windows drivers, finding possible vulnerable code paths, and understanding their exploitability. I've tried to make it as "noob-friendly" as possible, documenting all the steps I usually perform during my research and including a bonus exercise for the readers.
Setting up the lab
While in the past, setting up a lab for kernel...