a13xp0p0v / kernel-hack-drill
Linux kernel exploitation experiments
☆183Updated 2 months ago
Related projects: ⓘ
- ☆277Updated 4 years ago
- SALT - SLUB ALlocator Tracer for the Linux kernel☆143Updated 6 years ago
- A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3☆284Updated 5 years ago
- A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities☆319Updated 5 years ago
- Fuzzing the Kernel Using Unicornafl and AFL++☆293Updated last year
- AFL + DynamoRIO = fuzzing binaries with no source code on Linux☆243Updated 4 years ago
- Fuzzer for Linux Kernel Drivers☆367Updated 2 years ago
- An intentionally vulnerable linux driver for research purposes/practice in kernel exploit dev☆105Updated 7 years ago
- HeapHopper is a bounded model checking framework for Heap-implementations☆212Updated 4 months ago
- This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.☆141Updated last year
- ☆265Updated this week
- ☆131Updated this week
- Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL☆464Updated 2 months ago
- A Linux Kernel Module that implements a fast snapshot mechanism for fuzzing.☆133Updated 3 years ago
- A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer☆340Updated 5 years ago
- A description of the "House of Corrosion" GLIBC heap exploitation technique.☆220Updated 4 years ago
- Code and exercises for a workshop on z3 and angr☆220Updated 3 years ago
- ☆356Updated last year
- ☆84Updated 8 years ago
- A fuzzing introspection tool☆161Updated 4 years ago
- DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables☆203Updated 3 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆184Updated 5 years ago
- Use angr inside GDB. Create an angr state from the current debugger state.☆198Updated 4 years ago
- American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries☆186Updated 3 years ago
- Function redirection via ELF tricks.☆156Updated 9 years ago
- ☆177Updated this week
- ☆132Updated 3 years ago
- ☆189Updated last year
- LKRG bypass methods☆69Updated 4 years ago
- Janus: a state-of-the-art file system fuzzer on Linux☆207Updated 4 years ago