A forum for reverse engineering, OS internals and malware analysis 

Getting started with Windows Kernel driver reverse engineering and exploitation.

Ask your beginner questions here.

Getting started with Windows Kernel driver reverse engineering and exploitation.

 #32938  by TheBasePointer
 Tue May 21, 2019 4:50 pm
Hi,

I know some C, enough to read it and understand it and I've learnt x86 from open security training (check them out if you're learning x86; it's really good.) and I want to get into windows kernel-mode driver reverse engineering and exploitation of said drivers, does anyone know of any good resources that I could use that would take me into the right direction? Any and all of your advice is appreciated. :-D :-D :-D :-D :-D :-D

Re: Getting started with Windows Kernel driver reverse engineering and exploitation.

 #32942  by Curson
 Thu May 23, 2019 3:39 pm
Hi,

I recommend starting with HackSys Extreme Vulnerable Driver
HackSys Extreme Vulnerable Driver is intentionally vulnerable Windows driver developed for security enthusiasts to learn and polish their exploitation skills at Kernel level.

HackSys Extreme Vulnerable Driver caters wide range of vulnerabilities ranging from simple Buffer Overflows to complex Use After Frees and Pool Overflows. This allows the researchers to explore the exploitation techniques for every implemented vulnerabilities.

Here is a serie of blog posts by Hasherezade about it : Starting with Windows Kernel Exploitation.

Regards.
 Return to “Newbie Questions”