Part 1 July 15, 2025
Windows Drivers Series Part 1 - Overview
Introduction to the Windows driver exploitation series — who it's for, what tools you'll need, and why drivers are a great target.
pwn rev windows drivers
Series
Multi-part series
Windows Drivers
8 parts
Part 2 July 16, 2025
Windows Drivers Series Part 2 - What's a Driver Anyways?
A history of Windows drivers and an explanation of what they are, the different types, and how they fit into the modern Windows kernel.
pwn rev windows drivers
Part 3 July 17, 2025
Windows Drivers Series Part 3 - The Minimum Viable Driver
Setting up a driver development environment in Visual Studio and writing a minimal kernel driver that loads and unloads.
pwn rev windows drivers
Part 4 July 20, 2025
Windows Drivers Series Part 4 - Interacting with the Driver
How IRPs, IO Stack Locations, and dispatch functions work together to let user-mode applications communicate with kernel drivers.
pwn rev windows drivers
Part 5 July 22, 2025
Windows Drivers Series Part 5 - Basic Driver Functionality
Building a driver that handles DeviceIoControl requests and exploring buffered, direct, and neither I/O methods.
pwn rev windows drivers
Part 6 August 6, 2025
Windows Drivers Series Part 6 - Debugging and Basic Rev
Setting up a kernel debugger, loading a driver into IDA, rebasing the text segment, and tracing IRPs through a live driver.
pwn rev windows drivers
Part 7 August 15, 2025
Windows Drivers Series Part 7 - Buffer Overflow on Windows 7
Developing a kernel stack buffer overflow exploit against HackSysExtremeVulnerableDriver on 32-bit Windows 7 with token-stealing shellcode.
pwn rev windows drivers
Part 8 August 20, 2025
Windows Drivers Series Part 8 - Bypassing SMEP
Porting the HEVD buffer overflow exploit to 64-bit Windows 8.1 and using ROP to bypass Supervisor Mode Execution Prevention.
pwn rev windows drivers