Demystifying Driver Research A Systematic Approach For Vulnerability Hunting

Driver vulnerabilities are among the most powerful targets in offensive security; yet most researchers rely on random fuzzing that yields inconsistent results. This session introduces a structured five-step methodology for hunting driver bugs that moves beyond the "fuzz and hope" approach, combining mass collection, API filtering, device verification, static analysis and guided fuzzing into a repeatable pipeline. This session, led by Priyanshu Sharma of MIT Pune, will cover: How to filter thousands of drivers down to a shortlist of high-value targets using import table analysis and device verification; How to navigate dispatch tables and IRP major functions in Ghidra to identify dangerous IOCTL handlers; How the pipeline was applied in practice, resulting in the discovery of four zero-days, including CVE-2025-60419.

Join Today
Nicholas Carlini - Black-hat LLMs | [un]prompted 2026
▶︎

Nicholas Carlini - Black-hat LLMs | [un]prompted 2026

How to Track the People Tracking YOU
▶︎

How to Track the People Tracking YOU

Unexplored Territory Episode 120 - Announcing VCF Native S3 Object Storage, featuring Rakesh!
▶︎

Unexplored Territory Episode 120 - Announcing VCF Native S3 Object Storage, featuring Rakesh!

Cybersecurity Trends in 2026: Shadow AI, Quantum & Deepfakes
▶︎

Cybersecurity Trends in 2026: Shadow AI, Quantum & Deepfakes

Anatomy Of A Supply Chain Worm Building Detection Systems That Work On Zero Days
▶︎

Anatomy Of A Supply Chain Worm Building Detection Systems That Work On Zero Days

The Man Who Worked At Subway, Then Made The Biggest Prime Breakthrough in Decades
▶︎

The Man Who Worked At Subway, Then Made The Biggest Prime Breakthrough in Decades

Knife Expert: Real Knife Defense Is TERRIFYING
▶︎

Knife Expert: Real Knife Defense Is TERRIFYING

Unauthenticated Pre Pairing Gatt Write Vulnerability In Smartwatch Ecosystems
▶︎

Unauthenticated Pre Pairing Gatt Write Vulnerability In Smartwatch Ecosystems

Something is jamming GPS over Europe. Here's what we found
▶︎

Something is jamming GPS over Europe. Here's what we found

How Passkeys Work - Computerphile
▶︎

How Passkeys Work - Computerphile

The Strange Math That Predicts (Almost) Anything
▶︎

The Strange Math That Predicts (Almost) Anything

Ex-Google Recruiter Explains Why "Lying" Gets You Hired
▶︎

Ex-Google Recruiter Explains Why "Lying" Gets You Hired

AI buys robot and car, does exactly what experts warned.
▶︎

AI buys robot and car, does exactly what experts warned.

I Hacked This Temu Router. What I Found Should Be Illegal.
▶︎

I Hacked This Temu Router. What I Found Should Be Illegal.

Bernie vs. Claude
▶︎

Bernie vs. Claude

FULL DISCUSSION: Google's Demis Hassabis, Anthropic's Dario Amodei Debate the World After AGI | AI1G
▶︎

FULL DISCUSSION: Google's Demis Hassabis, Anthropic's Dario Amodei Debate the World After AGI | AI1G

How (and why) to take a logarithm of an image
▶︎

How (and why) to take a logarithm of an image

Building the PERFECT Linux PC with Linus Torvalds
▶︎

Building the PERFECT Linux PC with Linus Torvalds

You Need to Be Bored. Here's Why.
▶︎

You Need to Be Bored. Here's Why.

Die Zombie-Simulation, die niemand erklären kann
▶︎

Die Zombie-Simulation, die niemand erklären kann