Cr4sh / MsFontsFuzz
Licence: other
OpenType font file format fuzzer for Windows
Stars: ✭ 49
Programming languages: C++, Objective-C
Projects that are alternatives of or similar to MsFontsFuzz
Kernelpop
kernel privilege escalation enumeration and exploitation framework
Stars: ✭ 628 (+1181.63%)
Mutual labels: kernel, vulnerabilities
Clusterfuzz
Scalable fuzzing infrastructure.
Stars: ✭ 4,648 (+9385.71%)
Mutual labels: fuzzing, vulnerabilities
Cfb
Canadian Furious Beaver is a tool for hijacking IRPs handler in Windows drivers, and facilitating the process of analyzing Windows drivers for vulnerabilities
Stars: ✭ 146 (+197.96%)
Mutual labels: kernel, fuzzing
Reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+1887.76%)
Mutual labels: fuzzing, vulnerabilities
Kafl
Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
Stars: ✭ 486 (+891.84%)
Mutual labels: kernel, fuzzing
Oss Fuzz
OSS-Fuzz - continuous fuzzing for open source software.
Stars: ✭ 6,937 (+14057.14%)
Mutual labels: fuzzing, vulnerabilities
Fisy Fuzz
This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.
Stars: ✭ 110 (+124.49%)
Mutual labels: kernel, fuzzing
Hacksysextremevulnerabledriver
HackSys Extreme Vulnerable Windows Driver
Stars: ✭ 1,330 (+2614.29%)
Mutual labels: kernel, vulnerabilities
clusterfuzzlite
ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
Stars: ✭ 315 (+542.86%)
Mutual labels: fuzzing, vulnerabilities
Kafl
A fuzzer for full VM kernel/driver targets
Stars: ✭ 204 (+316.33%)
Mutual labels: kernel, fuzzing
Syzkaller
syzkaller is an unsupervised coverage-guided kernel fuzzer
Stars: ✭ 3,841 (+7738.78%)
Mutual labels: kernel, fuzzing
Paper collection
Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read
Stars: ✭ 710 (+1348.98%)
Mutual labels: kernel, fuzzing
Vulnerable Kext
A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation
Stars: ✭ 188 (+283.67%)
Mutual labels: kernel, vulnerabilities
PersonalStuff
This is a repo is to upload files done during my research.
Stars: ✭ 94 (+91.84%)
Mutual labels: fuzzing, vulnerabilities
sqredirect
Redirection and filtering Source Engine game traffic in bundle with sqproxy
Stars: ✭ 21 (-57.14%)
Mutual labels: kernel
Macaron
A sweet hobby made operating system written in C++ for x86 CPUs with GUI
Stars: ✭ 34 (-30.61%)
Mutual labels: kernel
x86 starterkit
👷🏻♂️ An easy starting point for your first OS/Kernel
Stars: ✭ 32 (-34.69%)
Mutual labels: kernel
xone
Linux kernel driver for Xbox One and Xbox Series X|S accessories
Stars: ✭ 636 (+1197.96%)
Mutual labels: kernel
*********************************************************
MsFontsFuzz: OpenType font format fuzzer for Windows
By Oleksiuk Dmytro (aka Cr4sh)
http://twitter.com/d_olex
http://blog.cr4.sh
mailto:[email protected]
*********************************************************

USAGE:

> MsFontsFuzz.exe <font_name> <font_file_path> [options]

... where <font_name> and <font_file_path> are the text name of the font and the path to the .TTF/.OTF font file.

The [options] can be:

--test      Just draw the font characters and print file information without fuzzing.
--text      String that will be drawn during fuzzing using the specified font. By default, a string of ASCII characters in the range 20h - 7Fh.
--noisy     Print detailed information about each fuzzing iteration.
--fix-crcs  Fix invalid checksums in the specified font file without fuzzing.

EXAMPLE:

See Release\BrushScriptStd_Fuzzing.bat - you can run this scenario to start fuzzing with the Brush Script Std Regular font.

This fuzzer helped me find a remote (client-side) DoS 0day vulnerability in the Windows kernel: invalid decoding of the 0x0d byte in a Type 2 Charstring Format glyph drops ATMFD.DLL code into an infinite loop.

PoC code: http://dl.dropbox.com/u/22903093/blog/CFF_Type-1_0x0d_expl/CFF_Type-1_0x0d_expl.rar
Detailed analysis (Russian): http://blog.cr4.sh/2012/06/0day-windows.html
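An added example, not code from the MsFontsFuzz project: a Python checker and fixer for OpenType table-directory checksums, the consistency check that --fix-crcs repairs when a mutation leaves a stored checksum stale. The sfnt layout and the 'head' checkSumAdjustment rule follow the OpenType specification; the sample font is constructed inline.

```python
import struct

def ot_checksum(data: bytes) -> int:
    # OpenType table checksum: sum of big-endian uint32 words, zero-padded to a 4-byte boundary
    padded = data + b"\0" * (-len(data) % 4)
    return sum(struct.unpack(f">{len(padded) // 4}I", padded)) & 0xFFFFFFFF

def checksum_body(tag: str, body: bytes) -> bytes:
    # The 'head' table's checkSumAdjustment field (bytes 8..12) is treated as zero
    return body[:8] + bytes(4) + body[12:] if tag == "head" and len(body) >= 12 else body

def table_directory(font: bytes):
    # Yields (index, tag, stored_checksum, offset, length) from the sfnt table directory
    num_tables = struct.unpack_from(">H", font, 4)[0]
    for i in range(num_tables):
        tag, csum, off, length = struct.unpack_from(">4sIII", font, 12 + 16 * i)
        yield i, tag.decode("latin-1"), csum, off, length

def bad_checksums(font: bytes) -> dict:
    # {tag: (stored, computed)} for every table whose directory checksum does not match
    bad = {}
    for _, tag, stored, off, length in table_directory(font):
        computed = ot_checksum(checksum_body(tag, font[off:off + length]))
        if computed != stored:
            bad[tag] = (stored, computed)
    return bad

def fix_checksums(font: bytes) -> bytes:
    # Copy of the font with every directory checksum recomputed (what --fix-crcs does to a fuzzed file)
    out = bytearray(font)
    for i, tag, _, off, length in table_directory(font):
        computed = ot_checksum(checksum_body(tag, font[off:off + length]))
        struct.pack_into(">I", out, 12 + 16 * i + 4, computed)
    return bytes(out)

def build_font(tables) -> bytes:
    # Constructed minimal sfnt: 12-byte header, directory, 4-byte-aligned bodies, correct checksums
    offset, directory, bodies = 12 + 16 * len(tables), b"", b""
    for tag, body in tables:
        directory += struct.pack(">4sIII", tag.encode(), ot_checksum(checksum_body(tag, body)), offset, len(body))
        padded = body + bytes(-len(body) % 4)
        bodies, offset = bodies + padded, offset + len(padded)
    return struct.pack(">IHHHH", 0x00010000, len(tables), 0, 0, 0) + directory + bodies

# Constructed sample font: a 54-byte 'head' with a nonzero checkSumAdjustment and a 6-byte 'maxp'
SAMPLE = build_font([("head", bytes(8) + b"\xB1\xB0\xAF\xBA" + bytes(42)), ("maxp", b"\x00\x00\x50\x00\x00\x03")])

# Simulate one fuzzing mutation: flip a byte inside 'maxp' so its stored checksum goes stale
MAXP_OFF = next(off for _, tag, _, off, _ in table_directory(SAMPLE) if tag == "maxp")
MUTATED = SAMPLE[:MAXP_OFF + 2] + bytes([SAMPLE[MAXP_OFF + 2] ^ 0xFF]) + SAMPLE[MAXP_OFF + 3:]
```

Running bad_checksums on MUTATED reports only 'maxp'; fix_checksums rewrites the directory entry so the same check passes again.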