Skip to content

Guides

Cross-cutting analysis that synthesizes patterns from the KernelSight corpus.

  • Why Kernel Drivers? -- what hardware enforces, what only Ring 0 can do, user-mode alternatives, and Microsoft's trajectory.
  • Anatomy of a Secure Driver -- the 6 anti-patterns behind most Windows kernel driver vulnerabilities, with fixes and real CVE citations.
  • Corpus Analytics -- visual breakdown of 134 CVEs by driver, year, vulnerability class, and exploitation status.
  • Exploit Chain Patterns -- the 5 recurring exploit chain shapes, from initial corruption through SYSTEM.
  • Patch Patterns -- what Microsoft's fixes look like for each bug class, with before/after pseudocode.
  • Mitigation Timeline -- when each kernel defense landed and how it shifted attacker techniques.