MS Fuzzer is a coverage-guided fuzzer targeting Windows kernel drivers.
- MS Fuzzer uses Intel PT to obtain code coverage.
- MS Fuzzer follows an AFL-like design and can detect semi-stateful bugs.
- MS Fuzzer is a well-designed fuzzer based on Nyx-Fuzzer / kAFL and Redqueen.
- Designed to find bugs in Windows drivers that interact with user mode through DeviceIoControl.
- Intel Skylake or later: the setup requires a Gen-6 or newer Intel CPU (for Intel PT) and adequate system memory (~2 GB RAM per CPU).
- Patched host kernel: a modified Linux host kernel is installed as part of the setup. Running kAFL inside a VM may work on Ice Lake or later CPUs.
- Ubuntu: the installation and tutorials are tested on Ubuntu 20.04.6 LTS.
- 100+ security bugs in 100 days
- 20+ EoP (Elevation of Privilege) bugs
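The DeviceIoControl interface named above is the surface this fuzzer drives, so it helps to see what a control code actually encodes: which buffers reach the driver and how much validation the I/O manager has already done on them. The C program below is an added example, not code from MS Fuzzer, kAFL or Nyx. It re-implements the field layout of the Windows CTL_CODE macro, decodes a constructed IOCTL table for a hypothetical driver (the sample codes are made up for illustration), and flags the METHOD_NEITHER entries, where the driver receives raw user-mode pointers and must do all probing and copying itself. Those are the requests a reviewer wants to inspect first, because a fuzzer feeding unexpected pointers and lengths through them exercises exactly the validation the driver is responsible for.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/*
 * Field layout of a Windows IOCTL control code, as produced by the
 * CTL_CODE macro in the Windows driver headers:
 *
 *   bits 31..16  DeviceType      (e.g. FILE_DEVICE_UNKNOWN = 0x22)
 *   bits 15..14  RequiredAccess  (FILE_ANY_ACCESS=0, FILE_READ_ACCESS=1,
 *                                 FILE_WRITE_ACCESS=2; 3 = read|write)
 *   bits 13..2   Function        (0x800 and above are vendor-defined)
 *   bits  1..0   TransferType    (METHOD_BUFFERED=0, METHOD_IN_DIRECT=1,
 *                                 METHOD_OUT_DIRECT=2, METHOD_NEITHER=3)
 */
#define FILE_DEVICE_UNKNOWN 0x22u
#define FILE_ANY_ACCESS     0u
#define FILE_READ_ACCESS    1u
#define FILE_WRITE_ACCESS   2u
#define METHOD_BUFFERED     0u
#define METHOD_IN_DIRECT    1u
#define METHOD_OUT_DIRECT   2u
#define METHOD_NEITHER      3u

struct ioctl_fields {
    uint32_t device_type;
    uint32_t access;
    uint32_t function;
    uint32_t method;
};

/* Same arithmetic as the CTL_CODE macro. */
uint32_t ctl_code(uint32_t device_type, uint32_t function,
                  uint32_t method, uint32_t access)
{
    return (device_type << 16) | (access << 14) | (function << 2) | method;
}

/* Split a control code back into its four fields. */
struct ioctl_fields decode_ioctl(uint32_t code)
{
    struct ioctl_fields f;
    f.device_type = (code >> 16) & 0xFFFFu;
    f.access      = (code >> 14) & 0x3u;
    f.function    = (code >> 2)  & 0xFFFu;
    f.method      = code & 0x3u;
    return f;
}

/* How the I/O manager hands the caller's buffers to the driver. For
 * METHOD_NEITHER it copies and validates nothing: the driver gets the raw
 * user-mode pointers (Type3InputBuffer / UserBuffer) and must probe and
 * copy them under exception handling itself. */
const char *method_description(uint32_t method)
{
    switch (method) {
    case METHOD_BUFFERED:   return "METHOD_BUFFERED: in/out copied through SystemBuffer";
    case METHOD_IN_DIRECT:  return "METHOD_IN_DIRECT: input via SystemBuffer, caller buffer locked by MDL (probed for read)";
    case METHOD_OUT_DIRECT: return "METHOD_OUT_DIRECT: input via SystemBuffer, caller buffer locked by MDL (probed for write)";
    default:                return "METHOD_NEITHER: raw user pointers, driver must validate";
    }
}

/* True when the transfer type gives the driver unvalidated user pointers. */
int ioctl_passes_raw_user_pointers(uint32_t code)
{
    return decode_ioctl(code).method == METHOD_NEITHER;
}

/* Count METHOD_NEITHER entries in a driver's IOCTL table: a quick measure of
 * the highest-risk part of the surface a fuzzer will exercise. */
size_t count_raw_pointer_ioctls(const uint32_t *codes, size_t n)
{
    size_t hits = 0;
    for (size_t i = 0; i < n; i++)
        hits += ioctl_passes_raw_user_pointers(codes[i]) ? 1u : 0u;
    return hits;
}

/* Constructed IOCTL table for a hypothetical driver (not any real product). */
static const uint32_t sample_table[] = {
    0x222000u, /* FILE_DEVICE_UNKNOWN, function 0x800, METHOD_BUFFERED,   FILE_ANY_ACCESS  */
    0x222006u, /* FILE_DEVICE_UNKNOWN, function 0x801, METHOD_OUT_DIRECT, FILE_ANY_ACCESS  */
    0x22200Bu, /* FILE_DEVICE_UNKNOWN, function 0x802, METHOD_NEITHER,    FILE_ANY_ACCESS  */
    0x22E00Fu, /* FILE_DEVICE_UNKNOWN, function 0x803, METHOD_NEITHER,    read|write access */
};

int main(void)
{
    size_t n = sizeof sample_table / sizeof sample_table[0];
    for (size_t i = 0; i < n; i++) {
        struct ioctl_fields f = decode_ioctl(sample_table[i]);
        printf("0x%08X  dev=0x%04X fn=0x%03X acc=%u  %s\n", sample_table[i],
               f.device_type, f.function, f.access, method_description(f.method));
    }
    printf("%zu of %zu codes pass raw user pointers (METHOD_NEITHER)\n",
           count_raw_pointer_ioctls(sample_table, n), n);
    return 0;
}
```

Running it lists each code with its decoded fields and reports that two of the four constructed entries use METHOD_NEITHER. The same decoder applied to a real driver's dispatch table (codes recovered from its documentation or its IOCTL switch) tells a reviewer which handlers to read for missing ProbeForRead/ProbeForWrite and length checks before the fuzzing campaign starts.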