windows-kernel-debugging-guide
Setting up virtual machine
- Enable kernel debugging (run inside the VM from an elevated command prompt; takes effect on the next boot)
bcdedit /debug on
- Set the COM port and baud rate the kernel debugger will use (COM2 here)
bcdedit /dbgsettings serial debugport:2 baudrate:115200
- Turn off the firewall inside the VM so Visual Studio can provision the test target over the network (the serial debug transport itself does not depend on it)
- Install WDK Test Target Setup inside the VM. The installer can be copied from the following path on the host machine
C:\Program Files (x86)\Windows Kits\10\Remote\x64\WDK Test Target Setup x64-x64_en-us.msi
- Set the COM port for the virtual machine: in the hypervisor settings, map the VM's COM2 (the same port number as debugport:2 above) to a named pipe on the host, which is what the debugger connects to
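The steps above as one script, added here as an example and not part of the original guide. The guest-side part runs from an elevated PowerShell prompt inside the debuggee VM; the host-side part assumes Hyper-V (VMware and VirtualBox have an equivalent serial-port-to-named-pipe setting). The MSI location on the VM desktop, the VM name `Debuggee` and the pipe name `\\.\pipe\kd_debuggee` are assumptions.

```powershell
# --- Guest side: run inside the debuggee VM as Administrator ---

# Kernel debugging over COM2 at 115200 baud; applies on next boot.
bcdedit /debug on
bcdedit /dbgsettings serial debugport:2 baudrate:115200

# Usually also needed: a test-signed .sys will not load without test signing.
# (With a debugger attached, signature enforcement is relaxed, but do not
# rely on that alone.)
bcdedit /set testsigning on

# Show the debug settings that will take effect on next boot.
bcdedit /dbgsettings

# Turn off the firewall on all profiles so Visual Studio can provision the
# test target over the network.
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False

# Install WDK Test Target Setup, copied from the host's
# C:\Program Files (x86)\Windows Kits\10\Remote\x64\ directory.
# Assumption: the MSI was copied to the debuggee desktop.
$msi = 'C:\Users\debuggee\Desktop\WDK Test Target Setup x64-x64_en-us.msi'
$p = Start-Process -FilePath msiexec.exe `
        -ArgumentList "/i `"$msi`" /qn /norestart" -Wait -PassThru
# 0 = success, 3010 = success but a reboot is required.
if ($p.ExitCode -notin 0, 3010) {
    throw "WDK Test Target Setup failed with exit code $($p.ExitCode)"
}

# --- Host side (Hyper-V): run on the host as Administrator ---

# Map the guest's COM2 to a named pipe; the port number must match the
# debugport:2 setting in the guest. VM name and pipe name are assumptions.
Set-VMComPort -VMName 'Debuggee' -Number 2 -Path '\\.\pipe\kd_debuggee'

# Generation 2 VMs expose COM ports only through PowerShell (not the GUI)
# and need Secure Boot off for kernel debugging over them.
Set-VMFirmware -VMName 'Debuggee' -EnableSecureBoot Off

# Confirm the mapping.
Get-VMComPort -VMName 'Debuggee'
```

Reboot the VM after the guest-side part; the bcdedit changes are only read at boot. When configuring the debug device in Visual Studio, the pipe name given to Set-VMComPort is the serial port the debugger must be pointed at.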
Setting up Visual Studio debugger
- Configure a kernel debug device (Driver > Test > Configure Devices): add a new device, provision it manually, choose the serial debugger type, and enter the named pipe the VM's COM port is mapped to and the baud rate 115200
- Set the new device as the remote debugged machine in the driver project's deployment settings
Start debugger session
- Attach to the remote kernel (Debug > Attach to Process, transport "Windows Kernel Mode Debugger", qualifier = the device configured above)
- Copy the .sys file of the driver to the virtual machine
- Place breakpoints in the driver code. Set them before starting the driver; DriverEntry runs exactly once, when the service is started, so a breakpoint placed afterwards will not hit until the driver is stopped and started again
- Start the driver (create the kernel service first; note the space after each "=", which sc.exe requires)
sc create Zero type= kernel binPath= C:\Users\debuggee\Desktop\drivers\Zero.sys
- Use additional service control commands to manage the driver
sc start Zero
sc stop Zero
sc delete Zero
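The copy, create, start, stop and delete steps above as one deployment script with the checks a practitioner wants, added here as an example and not part of the original guide. It runs from an elevated PowerShell prompt on the debuggee VM. The service name `Zero` and the destination path follow the guide; the source share `\\HOST\drivers` is an assumed placeholder for wherever the freshly built .sys is copied from.

```powershell
# In PowerShell, "sc" is an alias for Set-Content, so always call sc.exe.
$Name   = 'Zero'
$Source = '\\HOST\drivers\Zero.sys'                     # assumption: host share
$Dest   = 'C:\Users\debuggee\Desktop\drivers\Zero.sys'

function Test-DriverService([string]$Service) {
    # Get-Service does not list kernel drivers; sc.exe query exits with
    # 1060 (ERROR_SERVICE_DOES_NOT_EXIST) when the service is unknown.
    sc.exe query $Service | Out-Null
    return ($LASTEXITCODE -eq 0)
}

function Invoke-Sc([string[]]$Arguments) {
    # Surface sc.exe failures as errors instead of easily missed text.
    & sc.exe @Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "sc.exe $($Arguments -join ' ') failed with $LASTEXITCODE"
    }
}

# 1. Stop any running instance first: the loaded image is locked, so copying
#    a rebuilt .sys over it would fail.
if (Test-DriverService $Name) {
    sc.exe stop $Name | Out-Null          # 1062 if it was not running; harmless
}
New-Item -ItemType Directory -Force -Path (Split-Path $Dest) | Out-Null
Copy-Item -Path $Source -Destination $Dest -Force

# 2. Register the kernel service if it does not exist yet. sc.exe needs the
#    space after each "=": "type= kernel", not "type=kernel".
if (-not (Test-DriverService $Name)) {
    Invoke-Sc @('create', $Name, 'type=', 'kernel', 'binPath=', $Dest)
}

# 3. Set breakpoints in DriverEntry before this line: DriverEntry runs once,
#    when the service starts.
Invoke-Sc @('start', $Name)
sc.exe query $Name

# ... exercise the driver from user mode here ...

# 4. Stop before deleting. Deleting a running service only marks it for
#    deletion, and the next "sc create Zero" then fails with 1072
#    (ERROR_SERVICE_MARKED_FOR_DELETE) until the VM is rebooted.
Invoke-Sc @('stop', $Name)
Invoke-Sc @('delete', $Name)
```

The stop step only works if the driver implements a DriverUnload routine; a driver without one cannot be stopped by the service control manager and the VM has to be rebooted to replace it.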