1. Reverse Engineering & Bug Hunting on KMDF Drivers
2. Different Driver Models
3. Driver and Device Objects
4. Creating the Device
5. IRP Major Function Codes
6. Basic WDM Driver
7. Talking to the Driver
8. Interrupt Request Packets
9. Stack Locations
10. Buffer Access Methods (1/3)
11. IOCTL Code
12. KMDF Overview
13. A basic KMDF driver (3/3)
14. Using Device Interfaces
15. KMDF and Buffer Access
16. Control Device Objects (1/2)
17. Type of Issues • Unsanitized data
18. Kernel Pointers Leakage • Synaptics Touchpad Win64 Driver
19. Finding KMDF drivers
20. Check your drivers!
21. Conclusions (2/2)
Description:
Explore reverse engineering and bug hunting techniques for Kernel Mode Driver Framework (KMDF) drivers in this 45-minute conference talk from 44CON 2018. Begin with a quick recap of Windows Driver Model (WDM) drivers, their common structures, and entry point identification. Dive into KMDF, examining relevant functions for reverse engineering through case studies. Learn to interact with KMDF device objects using SetupDI API and analyze IO queue dispatch routines. Investigate whether the framework enhances security by examining major vendor implementation problems. Gain practical knowledge to conduct bug hunting sessions on KMDF drivers, covering topics such as driver models, device objects, IRP major function codes, buffer access methods, and IOCTL codes. Discover techniques for finding KMDF drivers and identifying potential security issues like unsanitized data and kernel pointer leakage.

Reverse Engineering and Bug Hunting on KMDF Drivers

44CON Information Security Conference