googleprojectzero / bochspwn-reloadedLinks
A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3
☆305Updated 6 years ago
Alternatives and similar repositories for bochspwn-reloaded
Users that are interested in bochspwn-reloaded are comparing it to the libraries listed below
Sorting:
- A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities☆337Updated 6 years ago
- Cross Platform Kernel Fuzzer Framework☆450Updated 6 years ago
- DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables☆208Updated 3 years ago
- PEDA-like debugger UI for WinDbg☆204Updated last year
- ☆282Updated 5 years ago
- A hypervisor for fuzzing built with WHVP and Bochs☆377Updated 6 years ago
- Have fun with the LowFragmentationHeap☆241Updated 4 years ago
- AFL + DynamoRIO = fuzzing binaries with no source code on Linux☆248Updated 5 years ago
- Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL☆473Updated 11 months ago
- Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels☆581Updated 6 years ago
- Code and exercises for a workshop on z3 and angr☆228Updated 4 years ago
- idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro☆387Updated last year
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆435Updated 6 years ago
- ☆248Updated 4 years ago
- Automatically exported from code.google.com/p/ioctlfuzzer☆166Updated 10 years ago
- Fuzzing the Kernel Using Unicornafl and AFL++☆301Updated 2 years ago
- CTF Challenge Framework for Windows 8 and above☆155Updated 3 years ago
- Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC☆303Updated 10 months ago
- SALT - SLUB ALlocator Tracer for the Linux kernel☆153Updated 6 years ago
- Use angr inside GDB. Create an angr state from the current debugger state.☆199Updated 4 years ago
- Shellphish's automated patching engine, originally created for the Cyber Grand Challenge.☆257Updated 3 months ago
- Manul is a coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS☆338Updated 4 years ago
- ☆180Updated 6 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆133Updated 9 years ago
- Detect, analyze and uniquely identify crashes in Windows applications☆507Updated last month
- Some kernel fuzzing paper about windows and linux☆254Updated 7 years ago
- A description of the "House of Corrosion" GLIBC heap exploitation technique.☆223Updated 4 years ago
- Scripts for Binary Ninja☆257Updated 2 years ago
- Use angr in the IDA Pro debugger generating a state from the current debug session☆278Updated 4 years ago
- A plugin for Hex-Ray's IDA Pro and radare2 to export the symbols recognized to the ELF symbol table☆208Updated 2 years ago