Explore Windows AFD.sys reverse engineering techniques in this 42-minute conference talk from Circle City Con 2015. Delve into the intricacies of AFD.sys, understanding Project Zero's goals and the speaker's approach to bug hunting. Learn about registry inputs, immediate call dispatch, and the balance between static and dynamic analysis. Gain insights into fuzzing techniques and their application in better understanding the target system. Conclude with a discussion on future work and an opportunity for questions, enhancing your knowledge of Windows system internals and reverse engineering methodologies.
Overview
Syllabus
Intro
Outline
What is AFD.sys?
Goals • Project Zero's goal
First Glance
Registry
Inputs
Immediate Call Dispatch
Static Bug Hunting
Fuzzing • Preference for static / dynamic analysis Better understanding of target
Future Work
Questions
Related Courses
-
Better Bug Bounty Hunting, CTFs and Reverse Engineering - Cybertalk Episode 8
-
Reverse Engineering and Bug Hunting on KMDF Drivers
-
Investigating Windows Graphics Vulnerabilities - A Reverse Engineering & Fuzzing Story - DefCamp - 2019
-
Finding New Bluetooth Low Energy Exploits via Reverse Engineering Multiple Vendors' Firmwares
-
Finding Vulnerabilities through Static Analysis and Scripting
-
Reverse Engineering Windows Defender Part II
