Noureddine RAMDI / DeepZero: Automating Windows Kernel Driver Vulnerability Research with YAML-Driven LLM Pipelines

Created Sat, 23 May 2026 20:41:14 +0000 Modified Sat, 23 May 2026 20:41:27 +0000
932 Words
github-stars python security windows-kernel vulnerability-research llm ghidra

416rehman/deepzero

Windows kernel drivers are complex and rich attack surfaces, but manually uncovering exploitable IOCTLs is tedious and error-prone. DeepZero tackles this by automating the entire discovery pipeline — from parsing raw driver binaries through decompilation, static scanning, and AI-driven vulnerability assessment — all orchestrated in a modular, YAML-defined workflow.

What DeepZero does and how it works

DeepZero is a Python 3.11+ framework designed for automated vulnerability research targeting Windows kernel drivers, specifically focusing on the BYOVD (Bring Your Own Vulnerable Driver) attack surface. At its core, the framework parses driver binaries, decompiles them using Ghidra, scans the code for suspicious patterns with Semgrep, and applies AI-assisted assessments of potentially exploitable IOCTL handlers.

The architecture centers around a pipeline-as-YAML approach. Users define a pipeline configuration in YAML that specifies processors and the order of operations. This declarative model enables flexible customization without changing code. The pipeline engine executes tasks in parallel using Python’s ThreadPoolExecutor, improving throughput across large driver corpora.

Resumable state persistence is built-in — if interrupted, DeepZero can pick up where it left off, which is critical for large-scale or long-running scans.

A standout feature is the integration of large language models (LLMs) via the LiteLLM library. The framework uses Jinja2 template prompts, allowing any LLM provider to be plugged in easily. The LLM evaluates decompiled code snippets, generating rich vulnerability assessments that go beyond traditional static analysis.

The framework ships with several processors out of the box:

  • Ghidra decompilation to transform raw binaries into human-readable pseudo-code
  • Semgrep pattern scanning to flag known risky coding constructs
  • PE header parsing for metadata extraction
  • LOLDrivers hash filtering to exclude known safe or irrelevant drivers

This modular design encourages extension and adaptation to evolving research needs.

Architectural strengths and design tradeoffs

The pipeline-as-YAML model is a practical choice that strikes a balance between flexibility and simplicity. It allows security researchers who might not be deep Python developers to tweak or compose analysis workflows declaratively.

Parallel execution with ThreadPoolExecutor improves scalability but comes with the usual Python concurrency caveats (GIL limitations on CPU-bound tasks). However, since much of the workload involves I/O and external tool invocation (e.g., Ghidra headless runs), this concurrency approach is effective.

The resumable state persistence is a thoughtful addition, acknowledging the reality of unstable research environments or the need to pause/resume extensive scans.

Integrating LLMs using a template system (Jinja2) is clever because it decouples prompt engineering from code logic, making iterative prompt tuning straightforward. The use of LiteLLM means the framework is not tied to a single LLM provider, enhancing adaptability.

On the flip side, the reliance on Ghidra for decompilation introduces a heavyweight dependency that might complicate setup and limit performance. Also, the accuracy of LLM vulnerability assessments depends heavily on prompt quality and the inherent limitations of current language models — false positives and negatives will occur.

The framework targets Windows kernel drivers, which inherently limits its applicability. Researchers outside this niche or working on user-mode apps won’t find it immediately useful.

The codebase is mostly Pythonic and modern (3.11+), leveraging type hints and a modular design. The code quality is surprisingly clean for a security research tool, making it approachable for contributors.

Quick start with DeepZero

DeepZero’s README provides a straightforward quick start:

# Clone & install (requires Python 3.11+)
git clone https://github.com/416rehman/DeepZero.git
cd DeepZero
pip install -e .

# Configure environment variables
cp .env.example .env

# Run a pipeline on a directory of drivers
# Example: analyze drivers in C:\drivers using the loldrivers pipeline
deepzero run C:\drivers -p .\pipelines\loldrivers\pipeline.yaml

This minimal setup assumes you have your target driver binaries ready. The pipeline YAML defines the processing steps and can be customized for different analysis strategies.

The README also links to detailed documentation and example corpora, which are essential to getting meaningful results.

Verdict

DeepZero fills a niche but important gap in automated Windows kernel driver vulnerability research. Its YAML-driven modular pipeline with parallel execution and resumable state is practical for scaling across many drivers.

The integration of LLMs for vulnerability assessment is forward-thinking, showing how AI can augment traditional static analysis in security research. However, the accuracy depends on prompt design and the capabilities of the underlying LLM.

The biggest tradeoffs are setup complexity due to Ghidra dependencies and the inherent challenges of analyzing kernel code. DeepZero is best suited for security researchers and penetration testers focused on BYOVD attack surfaces who can invest time in configuring and extending the framework.

For anyone dealing with Windows kernel drivers and looking to automate or augment their vulnerability research pipeline, DeepZero is worth understanding and experimenting with — especially if you want to explore AI-assisted code analysis in this domain.

→ GitHub Repo: 416rehman/deepzero ⭐ 455 · Python