Tag: linux
-
Building a Scalable Windows Driver Vulnerability Analyzer (Part 3): From One Driver to 1,775
In Part 1, I built a pipeline to ingest and classify tens of gigabytes of Windows drivers. In Part 2, I ran it at scale and found the initial results underwhelming. IOCTLance found bugs, but understanding what those bugs meant required more context than symbolic execution alone could provide. I shifted to ecosystem-level analysis with…
-
Building a Scalable Windows Driver Vulnerability Analyzer (Part 2)
In Part 1, I built a pipeline to churn through gigabytes of drivers. I started with a massive raw dataset of 58.5 GB of drivers. However, feeding this volume into a static analyzer is inefficient. I aggressively filtered the set: This left me with a curated dataset of 28,000 unique drivers and a lot of…