Y3A / winkafl Public

Notifications You must be signed in to change notification settings
Fork 11
Star 64

Static binary instrumentation for windows kernel drivers, to use with winafl

AGPL-3.0 license

64 stars 11 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
demo		demo
helper		helper
post_crash		post_crash
winafl_headers		winafl_headers
LICENSE.md		LICENSE.md
README.md		README.md
afl_command.bat		afl_command.bat
asm_stubs.py		asm_stubs.py
engine.py		engine.py
ida_dumper.py		ida_dumper.py
instrument.py		instrument.py
pefilemod.py		pefilemod.py

Repository files navigation

winkafl

Based on the original pe-afl by wmliang and peafl64 by SentinelOne
Supports fuzzing 64-bit drivers on Windows 11
Blogpost at https://y3a.github.io/2023/12/22/fuzzing6/

Usage

Use ida_dumper.py in IDA to generate basic block information
Use instrument.py to statically instrument target driver
Replace target driver in fuzzing VM with instrumented version
Compile helper driver and load in fuzzing VM
Attach WinDbg to fuzzing VM
Fuzz and wait for crash
Use post_crash/dump_sample.py to extract crashing sample

About

Static binary instrumentation for windows kernel drivers, to use with winafl

AGPL-3.0 license

Report repository

Releases

No releases published

Packages

No packages published

Languages