A forum for reverse engineering, OS internals and malware analysis 

Discussion on reverse-engineering and debugging.
 #14538  by xdeadcode
 Mon Jul 09, 2012 7:58 pm
Hi borgir.

For me the answer to your question is: WinDbg, no doubt.
It depends on your case, e.g. when you are developing your own driver the simplest solution for finding the EP is to use "bu" in WinDbg.
(tutorial for beginners: http://www.cmlab.csie.ntu.edu.tw/~cathy ... torial.pdf)

The next solution is to set a breakpoint on nt!IopLoadDriver, find the call to MmLoadSystemImage, then near this point you will be able to find something like "push dword ptr [ebp-70]", and there you will find the EP of the loaded driver.

Of course this is not the one and only technique to achieve this.
You can find many tutorials on the net about how to debug drivers with WinDbg, and also other techniques for achieving the same.

best regards,
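As an added example (not part of xdeadcode's post), here is a WinDbg kernel-debugging command sequence that walks through the approaches mentioned above: a deferred "bu" breakpoint on the driver's own entry point, a module-load event break that works even without symbols, and a breakpoint on the loader-side nt!IopLoadDriver. The module name `mydrv`, the symbol path, and the service name are assumed placeholders; the commands themselves are documented WinDbg commands.

```windbg
* Added example, not from the original post. "mydrv" and C:\mydrv\sym are
* assumed names. Lines starting with '*' are WinDbg comments.

* --- 1. Deferred breakpoint on the driver's DriverEntry (needs symbols) ---
* 'bu' stays unresolved until mydrv loads, so it can be set before the
* driver is started with "sc start mydrv" on the target.
.sympath+ C:\mydrv\sym
bu mydrv!DriverEntry
g

* --- 2. Break on the module-load event (works without symbols) ---
* The debugger stops right after the image is mapped, before DriverEntry runs.
sxe ld:mydrv
g
* Once stopped, locate the image and read its entry point from the PE header.
* The module base is NOT the entry point; use the AddressOfEntryPoint RVA
* shown by !dh and add it to the base reported by lm.
lm m mydrv
!dh mydrv -f
.reload mydrv.sys
* bp <base + AddressOfEntryPoint>  (fill in from the two commands above)

* --- 3. Loader-side approach from the post ---
* Stop in the kernel loader and disassemble forward to find the call that
* hands control to the newly loaded driver; the exact instruction sequence
* (e.g. the "push dword ptr [ebp-70]" mentioned above) varies by OS build.
bp nt!IopLoadDriver
g
uf nt!IopLoadDriver
```

Approach 2 is the one an analyst usually reaches for when looking at a driver for which no symbols exist, since `sxe ld` needs only the module name; approach 1 is the quickest when you own the driver and its PDB.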