资 源 简 介
Overview
IOCTLbf is just a small tool (Proof of Concept) that can be used to search vulnerabilities in Windows kernel drivers by performing two
tasks:
* Scanning for valid IOCTL codes supported by drivers,
* Generation-based IOCTL fuzzing
```
_ _ _ ___
(_) _ | || | / __)
_ ___ ____ | || || |__ | |
| |/ _ / | _) || _ (_ __)
| | || ( ( | || || |) )| |
||\_/ ____) _)\_)/ || Proof of Concept
```
**An advantage of this tool is that it does not rely on captured
IOCTLs. Therefore, it is able to detect valid IOCTL codes supported
by drivers and that are not often, or even never, used by
applications from user land**. For example, it may be the case for:
* IOCTLs called in very specific conditions (not easy to discover and/or to reproduce).
* IOCTLs used for debugging p