Offensive Driver Development

Learn how to develop a Windows driver with a variety of abuse primitives.

Buy Now

Learn how to set up a development testing environment for writing Windows kernel-mode drivers using Hyper-V, WinDbg, and Visual Studio. Cover the basic anatomy of a driver from loading and unloading, I/O control codes, interaction from userland, and kernel debugging. Implement various abuse primitives including removing process protection, disabling kernel callback routines and driver signature enforcement.

Course Curriculum

1
- What is a Driver?
  FREE PREVIEW
- The Risks with Drivers
  FREE PREVIEW
- Kernel Patch Protection
  FREE PREVIEW
- Configure your Development Environment
  FREE PREVIEW
- Driver Entry
- Printing Debug Messages
- Loading and Running the Driver
- Driver Unload
- Dispatch Routines
- Client-Side Code
- IRP_MJ_DEVICE_CONTROL
- Sending Data to the Driver
- Returning Data from the Driver
- Kernel Debugging
- FirstDriver Solution
2
- Introduction
- Unprotecting (Protected) Processes
- Protecting (Unprotected) Processes
- Windows Version Checking
3
- Introduction
- nt!_TOKEN
- PsReferencePrimaryToken
4
- Introduction
- PsSetCreateProcessNotifyRoutine
- PspCreateProcessNotifyRoutine
- QueryModuleInformation
- Putting It Together
- CreateThreadNotify & LoadImageNotify
- Removing a Callback Routine
5
- Introduction
- CI!CiInitialize
- Finding CiOptions from Userland
- Toggle DSE from a Driver
- Testing DSE
6
- Final Driver Solution
- Credits and Acknowledgements
  FREE PREVIEW

Student Reviews

good

Israel Enriquez

I think is great you develop this type of content

Read Less

Awesome Content

Daniel Feichter

Awesome and very detailed driver dev. content

Read Less

Pricing Options

Pay in one go or spread the cost with a payment plan.

£52.29

Regular price

Buy Now
2 x £26.15

Payment Plan

Buy Now