IOActive / kmdf_re

Helper idapython code for reversing kmdf drivers
67 stars 22 forks source link

Reverse Engineering and Bug Hunting on KMDF Drivers

Link to slides: https://ioactive.com/wp-content/uploads/2018/09/Reverse_Engineering_and_Bug_Hunting_On_KMDF_Drivers.pdf

kmdf_re is a small idapython code that attempts to rename common structures and find usages of interesting kmdf callbacks.

Presentation given at AsiaSecWest 2018 (https://www.asiasecwest.com) and 44Con 2018 (https://44con.com/)

Author