Windows Kernel Debugging & Exploitation Part1 - Setting up the lab - VoidSec
0x00 - Introduction to Windows Kernel Exploitation
The good news is: reversing IOCTL-based WDM drivers (the most prevalent way drivers are developed) is very easy, as they always follow the same structure.
This is the dummy dummy explanation if your goal is to get reversing quickly. Of course, I advise you to learn the basics of driver development, IOCTLs, IRPs and more, to really understand what's happening here. But at the end of this tutorial, you should be able to get going with simple driver reverse engineering of IOCTL communications using IDA.
Exploiting System Mechanic Driver - VoidSec
Intel® 64 and IA-32 Architectures Developer's Manual: Vol. 3A