■■□□□ Patch diffing using AI.
My Windows reverse engineering and exploit research workflow has been:
1. Pick a binary to research like tcpip.sys
2. Use github.com/joshterrill/po… to automate seeing existing binary versions, downloading them, and generating diffs from them
3. Load the resulting .binexport and .bindiff files into an LLM and ask it to analyze them
4. Look up the build number of the previous Windows version that the old binary existed in from uupdump.net, such as 26100.8328, and create a VM from it
5. Write code and test, working backwards from LLM analysis.
https://x.com/i/status/2057354476210811276
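
For step 3, a diff result is easier for an LLM to work with once it is reduced to the functions that actually changed. The following is an added example, not code from the post or from the tool it links: it assumes the .bindiff file is a SQLite database with a `function` table holding the columns used below, and it runs against a constructed in-memory database with made-up function names.

```python
import sqlite3

COLS = ("old_name", "new_name", "old_addr", "new_addr", "similarity", "confidence")

def build_sample_db():
    """Constructed stand-in for a .bindiff result (assumed subset of its schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE function (
        id INTEGER PRIMARY KEY, address1 INTEGER, name1 TEXT,
        address2 INTEGER, name2 TEXT, similarity REAL, confidence REAL)""")
    rows = [  # constructed rows, hypothetical names, not from a real driver
        (1, 0x140001000, "ExampleInit", 0x140001000, "ExampleInit", 1.0, 0.99),
        (2, 0x140002000, "ExampleParseOption", 0x140002040, "ExampleParseOption", 0.87, 0.97),
        (3, 0x140003000, "ExampleReassemble", 0x140003100, "ExampleReassemble", 0.62, 0.95),
        (4, 0x140004000, "sub_140004000", 0x140009000, "sub_140009000", 0.21, 0.12),
    ]
    db.executemany("INSERT INTO function VALUES (?,?,?,?,?,?,?)", rows)
    return db

def changed_functions(db, min_confidence=0.5, limit=20):
    """Matched functions that differ between builds, most-changed first.

    Rows with similarity 1.0 are unchanged. Rows below min_confidence are
    dropped because a low-confidence match is usually a wrong pairing,
    not a patched function.
    """
    cur = db.execute(
        "SELECT name1, name2, address1, address2, similarity, confidence "
        "FROM function WHERE similarity < 1.0 AND confidence >= ? "
        "ORDER BY similarity ASC LIMIT ?", (min_confidence, limit))
    return [dict(zip(COLS, row)) for row in cur]

def to_prompt_table(funcs):
    """Render the shortlist as a compact text table to paste into a prompt."""
    lines = ["old_name | new_name | old_addr | new_addr | similarity"]
    for f in funcs:
        lines.append("{} | {} | {:#x} | {:#x} | {:.2f}".format(
            f["old_name"], f["new_name"], f["old_addr"], f["new_addr"],
            f["similarity"]))
    return "\n".join(lines)

if __name__ == "__main__":
    # For a real result, replace build_sample_db() with sqlite3.connect(path).
    print(to_prompt_table(changed_functions(build_sample_db())))
```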
