k.mohit46

Talks within my organisation

Tech Talks: I have delivered over 10 internal technical presentations tailored to a wide range of audiences across multiple product development disciplines within my organisation(netskope).
Hybrid Engagement: These sessions were conducted through both face-to-face and online formats, allowing me to interact with a significant number of colleagues and refine my ability to communicate complex technical topics to diverse teams.
Knowledge Transfer: Beyond formal talks, I have led dedicated mentoring sessions and deep-dive technical walkthroughs to help ramp up team members on specialized security research.

External Industry Recognition

BlackHat Europe (Arsenal): I was selected to present my research and open-source tool, IOCTL Hammer, at BlackHat Europe.
Expert Engagement: This experience involved presenting to an international audience of cybersecurity experts, where I successfully managed high-traffic live interactions at the Arsenal booth.
Communication Mastery: Preparing for and executing this talk helped me hone my skills in articulating the technical value and novelty of my work to an external, expert-level audience.

IOCTL-hammer is a lightweight fuzzing harness designed for efficient and targeted security auditing of Windows driver IOCTL interfaces. This tool addresses the high barrier to entry for kernel driver testing by providing a simple, accessible framework that focuses on the most common vulnerability patterns: buffer mismanagement. Rather than relying on complex, coverage-guided instrumentation, ioctl-hammer adopts a parameter-centric methodology, systematically manipulating the four core user-mode buffer descriptors sent via DeviceIoControl.

The fuzzer executes a structured, predefined suite of test cases designed to stress boundary conditions, null parameter handling, and size discrepancies. Despite its simplicity, this focused approach has proven highly effective in real-world testing against proprietary Windows drivers, successfully uncovering multiple zero-day vulnerabilities including a kernel-to-user heap overflow, Denial of Service vulnerabilities and Direct BSODs. IOCTL-hammer is designed for security engineers and researchers to quickly perform initial vulnerability assessments on IOCTLs, find low-hanging fruit, and validate findings without requiring extensive setup or kernel debugging expertise for initial discovery.

Insights from Audience

Our audience were mostly qurious on the ways to add custom structures(payloads) that the product would be accepting to the fuzzer for breaking the entry barriers and for further exploitation
Audience found the tool very helpful for performing quick security audits for the software that runs on windows platform and uses IOCTLs for communication with the kernel.

https://blackhat.com/eu-25/arsenal/schedule/index.html?track[]=exploitation-and-ethical-hacking#ioctl-hammer---parameter-centric-ioctl-fuzzer-for-windows-drivers-48502

k.mohit46

About

Talks within my organisation

External Industry Recognition

Speaking Topics & Expertise

Featured Talks

IOCTL-hammer - Parameter centric IOCTL Fuzzer for Windows Drivers

Connect

Experience Level