A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities
☆345May 5, 2019Updated 6 years ago
Alternatives and similar repositories for bochspwn
Users that are interested in bochspwn are comparing it to the libraries listed below
Sorting:
- A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3☆310Feb 24, 2019Updated 7 years ago
- Cross Platform Kernel Fuzzer Framework☆457Oct 11, 2018Updated 7 years ago
- Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels☆591Jan 10, 2019Updated 7 years ago
- TrueType and OpenType font fuzzing toolset☆437Aug 28, 2019Updated 6 years ago
- A hypervisor for fuzzing built with WHVP and Bochs☆380Feb 5, 2019Updated 7 years ago
- ☆63Apr 13, 2017Updated 8 years ago
- DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables☆215Sep 17, 2021Updated 4 years ago
- AFL/QEMU fuzzing with full-system emulation.☆640Sep 9, 2018Updated 7 years ago
- A fork of AFL for fuzzing Windows binaries☆2,534Dec 5, 2025Updated 2 months ago
- Detect, analyze and uniquely identify crashes in Windows applications☆521May 23, 2025Updated 9 months ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆138Nov 28, 2015Updated 10 years ago
- This driver implements the Intel Processor Trace functionality in Intel Skylake architecture for Microsoft Windows☆466Apr 17, 2018Updated 7 years ago
- ☆386Oct 28, 2019Updated 6 years ago
- Kernel driver to fuzz Hyper-V hypercalls☆136Feb 15, 2019Updated 7 years ago
- Clang instrumentation module for tracing variable and buffer comparisons in C/C++ and saving the coverage data to .sancov files☆203Mar 14, 2019Updated 6 years ago
- Improving AFL by using Intel PT to collect branch information☆292Jul 26, 2019Updated 6 years ago
- Some kernel fuzzing paper about windows and linux☆255Oct 9, 2017Updated 8 years ago
- Generation-based, context-free grammar fuzzer. Refer to https://github.com/posidron/dharma for a maintained version.☆494Aug 13, 2021Updated 4 years ago
- IDAScript to create Symbol file which can be loaded in WinDbg via AddSyntheticSymbol☆41Jul 25, 2014Updated 11 years ago
- Fuzzing the Kernel Using Unicornafl and AFL++☆305Jan 2, 2023Updated 3 years ago
- DOM fuzzer☆1,769Nov 26, 2024Updated last year
- Binary, coverage-guided fuzzer for Windows, macOS, Linux and Android☆1,293Jan 13, 2026Updated last month
- Fuzzer for Linux Kernel Drivers☆384Apr 30, 2022Updated 3 years ago
- The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by W…☆406Apr 27, 2023Updated 2 years ago
- Black Hat 2016 Slides, Paper and Code☆83Aug 10, 2016Updated 9 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆172Dec 7, 2016Updated 9 years ago
- Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL☆473Jul 8, 2024Updated last year
- VMAttack PlugIn for IDA Pro☆866Nov 30, 2017Updated 8 years ago
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization☆144Jul 22, 2016Updated 9 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows☆634Jul 7, 2017Updated 8 years ago
- A lightweight dynamic instrumentation library☆1,308Apr 1, 2025Updated 11 months ago
- IDA 2016 plugin contest winner! Symbolic Execution just one-click away!☆1,612Jun 11, 2025Updated 8 months ago
- Have fun with the LowFragmentationHeap☆253Feb 3, 2021Updated 5 years ago
- IDA binary differ. Since code.google.com/p/patchdiff2/ seemed abandoned, I did the obvious thing…☆65Apr 9, 2015Updated 10 years ago
- libipt - an Intel(R) Processor Trace decoder library☆705Jan 8, 2026Updated last month
- Set of tests for fuzzing engines☆1,467Aug 25, 2021Updated 4 years ago
- QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.☆350Jul 30, 2024Updated last year
- ☆14Jun 30, 2015Updated 10 years ago
- wow64 syscall filter☆13Nov 12, 2014Updated 11 years ago