Nullcon Goa

A Systematic Approach for Vulnerability Hunting


Course

Priyanshu Sharma of MIT Pune walks through a five-step driver vulnerability pipeline that moves beyond fuzzing to produce consistent zero-day discoveries.

Kernel drivers are among the most powerful targets in offensive security, yet most researchers hunt them with unguided fuzzing that yields inconsistent results. This session introduces a structured five-step methodology for finding driver bugs that moves beyond the "fuzz and hope" approach, combining mass collection, API filtering, device verification, static analysis and guided fuzzing into a repeatable pipeline.


This session, led by Priyanshu Sharma of MIT Pune, will cover:

  • How to filter thousands of drivers down to a shortlist of high-value targets using import table analysis and device verification;
  • How to navigate dispatch tables and IRP major functions in Ghidra to identify dangerous IOCTL handlers;
  • How the pipeline was applied in practice, resulting in the discovery of four zero-days, including CVE-2025-60419.
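The first filtering step in the list above, reducing a large collection of .sys files to a shortlist by reading their import tables, can be automated in a few dozen lines. The script below is an added example written for this page; it is not code from the session or from Priyanshu Sharma. It assumes a corpus given as {file name: file bytes} and, so that it runs offline, builds minimal PE32+ fixtures in memory instead of reading real drivers. The API lists DEVICE_APIS and PRIMITIVE_APIS are the editor's choice of hints, not the speaker's list. The session's "device verification" step is a runtime check (opening the device object from user mode); here the presence of IoCreateDevice or IoCreateSymbolicLink only stands in for it statically.

```python
import struct

# Imports that publish a device object: a static hint that user mode can reach the driver
# (the session's runtime "device verification", opening the device, is what confirms it).
DEVICE_APIS = {"IoCreateDevice", "IoCreateSymbolicLink"}
# Imports that hand a user-controlled IOCTL handler a powerful primitive (editor's own list).
PRIMITIVE_APIS = {"MmMapIoSpace", "MmMapIoSpaceEx", "ZwMapViewOfSection", "ZwOpenSection",
                  "MmMapLockedPagesSpecifyCache", "MmCopyMemory", "ZwTerminateProcess"}
SECTION_RVA, SECTION_RAW = 0x1000, 0x200     # where the fixture's single section lives

def build_driver_image(dll_imports):
    """Constructed fixture: a minimal PE32+ file whose only section is an import
    directory naming the given {dll: [function, ...]} imports. Not a loadable driver."""
    desc_area = 20 * (len(dll_imports) + 1)          # IMAGE_IMPORT_DESCRIPTORs + terminator
    body, descriptors = bytearray(), b""
    for dll, funcs in dll_imports.items():
        name_rva = SECTION_RVA + desc_area + len(body)
        body += dll.encode() + b"\0" * (2 - len(dll) % 2)
        by_name_rvas = []
        for func in funcs:                            # IMAGE_IMPORT_BY_NAME: 2-byte hint + name
            by_name_rvas.append(SECTION_RVA + desc_area + len(body))
            body += struct.pack("<H", 0) + func.encode() + b"\0" * (2 - len(func) % 2)
        body += b"\0" * (-len(body) % 8)              # 8-byte align the thunk array
        thunk_rva = SECTION_RVA + desc_area + len(body)
        body += b"".join(struct.pack("<Q", r) for r in by_name_rvas) + struct.pack("<Q", 0)
        # OriginalFirstThunk and FirstThunk share one array; enough for static parsing
        descriptors += struct.pack("<IIIII", thunk_rva, 0, 0, name_rva, thunk_rva)
    section = descriptors + bytes(20) + bytes(body)
    raw_size = (len(section) + 0x1FF) // 0x200 * 0x200
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 240, 0x22)   # AMD64, 1 section
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)                           # PE32+ magic
    struct.pack_into("<QII", opt, 24, 0x140000000, 0x1000, 0x200)   # ImageBase, alignments
    struct.pack_into("<II", opt, 56, SECTION_RVA + raw_size, SECTION_RAW)  # SizeOfImage/Headers
    struct.pack_into("<I", opt, 108, 16)                            # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 120, SECTION_RVA, desc_area)       # import data directory
    sec_hdr = struct.pack("<8sIIIIIIHHI", b".idata", len(section), SECTION_RVA,
                          raw_size, SECTION_RAW, 0, 0, 0, 0, 0xC0000040)
    headers = dos + b"PE\0\0" + coff + bytes(opt) + sec_hdr
    return headers.ljust(SECTION_RAW, b"\0") + section.ljust(raw_size, b"\0")

def parse_imports(data):
    """Walk a PE file's import directory; returns {dll: [imported symbol, ...]}."""
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    _, num_sections, _, _, _, opt_size = struct.unpack_from("<HHIIIH", data, pe + 4)
    opt = pe + 24
    is64 = struct.unpack_from("<H", data, opt)[0] == 0x20B
    import_rva = struct.unpack_from("<I", data, opt + (112 if is64 else 96) + 8)[0]
    sections = []
    for i in range(num_sections):
        vsize, va, raw_size, raw = struct.unpack_from("<IIII", data, opt + opt_size + 40 * i + 8)
        sections.append((va, max(vsize, raw_size), raw))
    def rva_to_offset(rva):
        for va, size, raw in sections:
            if va <= rva < va + size:
                return raw + (rva - va)
        raise ValueError("RVA 0x%x is outside every section" % rva)
    def cstring(rva):
        off = rva_to_offset(rva)
        return data[off:data.index(b"\0", off)].decode("ascii", "replace")
    if import_rva == 0:
        return {}                                     # no import directory at all
    imports, desc = {}, rva_to_offset(import_rva)
    thunk_fmt, ordinal_flag = ("<Q", 1 << 63) if is64 else ("<I", 1 << 31)
    while True:
        oft, _, _, name_rva, ft = struct.unpack_from("<IIIII", data, desc)
        if name_rva == 0:
            break                                     # all-zero terminating descriptor
        thunk, names = rva_to_offset(oft or ft), []
        while True:
            entry = struct.unpack_from(thunk_fmt, data, thunk)[0]
            if entry == 0:
                break
            # top bit set: import by ordinal; else the low 31 bits are the RVA of hint+name
            names.append("#%d" % (entry & 0xFFFF) if entry & ordinal_flag
                         else cstring((entry & 0x7FFFFFFF) + 2))
            thunk += struct.calcsize(thunk_fmt)
        imports[cstring(name_rva)] = names
        desc += 20
    return imports

def triage_driver(name, data):
    """API filter plus the static stand-in for device verification, for one driver image."""
    imported = {sym for syms in parse_imports(data).values() for sym in syms}
    primitives, creates_device = sorted(imported & PRIMITIVE_APIS), bool(imported & DEVICE_APIS)
    return {"driver": name, "creates_device": creates_device, "primitives": primitives,
            "shortlist": creates_device and bool(primitives)}

def shortlist_drivers(images):
    # images: {file name: bytes}; returns the names worth opening in Ghidra, in input order
    return [name for name, data in images.items() if triage_driver(name, data)["shortlist"]]

SAMPLE_DRIVERS = {  # constructed sample corpus (not real drivers): file name -> import table
    "vendor_util.sys": build_driver_image({"ntoskrnl.exe": ["IoCreateDevice", "IoCreateSymbolicLink", "MmMapIoSpace", "IoDeleteDevice"], "WDFLDR.SYS": ["WdfVersionBind"]}),
    "storage_filter.sys": build_driver_image({"ntoskrnl.exe": ["IoAttachDeviceToDeviceStack", "IoCallDriver", "ExAllocatePoolWithTag"]}),
    "nic_monitor.sys": build_driver_image({"ntoskrnl.exe": ["IoCreateDevice", "IoCreateSymbolicLink", "ExAllocatePoolWithTag"]}),
    "hw_poke.sys": build_driver_image({"ntoskrnl.exe": ["IoCreateDevice", "ZwOpenSection", "ZwMapViewOfSection"]}),
}
```

On a real collection, replace SAMPLE_DRIVERS with a dict built from open(path, "rb").read() over the .sys files, and treat the result as a shortlist, not a verdict: a driver that creates a device but imports nothing from PRIMITIVE_APIS can still be dangerous through inline port I/O or MSR access, and a driver that imports MmMapIoSpace may never expose it to an IOCTL. The Ghidra step that follows starts from the handler the driver stores in DRIVER_OBJECT.MajorFunction[IRP_MJ_DEVICE_CONTROL] (offset 0xE0 on x64, since the 28-entry table begins at 0x70 and IRP_MJ_DEVICE_CONTROL is index 14), which this script does not analyze.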

Here is the course outline:

Demystifying Driver Research: A Systematic Approach for Vulnerability Hunting

Completion

The following certificates are awarded when the course is completed:

CPE Credit Certificate
