<h1 align="center"> <br>kAFL</br> </h1> <h3 align="center"> HW-assisted Feedback Fuzzer for x86 VMs </h3> <p align="center"> <a href="https://github.com/IntelLabs/kAFL/actions/workflows/CI.yml"> <img src="https://github.com/IntelLabs/kAFL/actions/workflows/CI.yml/badge.svg" alt="CI"> </a> <a href="https://github.com/IntelLabs/kAFL/releases"> <img alt="GitHub release (latest by date)" src="https://img.shields.io/github/v/release/IntelLabs/kAFL"> </a> <a href="https://hub.docker.com/r/intellabs/kafl"> <img alt="Docker Image Version (latest by date)" src="https://img.shields.io/docker/v/intellabs/kafl?label=Docker%20Image"> </a> <a href="https://hub.docker.com/r/intellabs/kafl"> <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/intellabs/kafl"> </a> <a href="https://github.com/IntelLabs/kAFL/blob/master/LICENSE.md"> <img alt="GitHub" src="https://img.shields.io/github/license/IntelLabs/kafl"> </a> </p> <p align="center"> <a href="https://IntelLabs.github.io/kAFL/"> <img src="https://img.shields.io/badge/Online-Documentation-green?style=for-the-badge&logo=gitbook" alt="online_docs"/> </a> </p>

kAFL/Nyx is a fast, coverage-guided fuzzer for x86 VMs. It is well suited to anything that runs as a QEMU/KVM guest, in particular x86 firmware, kernels and full-blown operating systems.

Note: All components are provided for research and validation purposes only. Use at your own risk.

Targets

kAFL is the main fuzzer driving the Linux Security Hardening for Confidential Compute effort, identifying vulnerabilities in a complex setup and improving the security of the Linux kernel for all CC solutions.

Other successful kAFL/Nyx targets include:

Additionally, kAFL has been used internally at Intel for x86 firmware and driver validation as well as SMM handler fuzzing.

Features

For details on Redqueen, Grimoire, IJON and Nyx, please visit nyx-fuzz.com.

Requirements

Getting Started

Once you have python3-venv and make installed, you can install kAFL using make deploy:

```bash
# install the host prerequisites (Debian/Ubuntu)
sudo apt install python3-venv make git
git clone https://github.com/IntelLabs/kAFL.git
# directory name is case-sensitive: kAFL, not kAFl
cd kAFL
make deploy
```

Installation may take some time and requires a reboot to update your kernel.

Check the detailed installation guide in case of trouble, or the deployment guide for detailed information and customizing the kAFL setup for your project.
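Before spending time on make deploy and the kernel reboot it implies, it is worth confirming that the host can actually run a hardware-assisted fuzzer at all. The following pre-flight script is an added example and is not part of the kAFL project; it assumes, from kAFL's design as an Intel PT based fuzzer for KVM guests, that the host needs the vmx and intel_pt CPU flags, a usable /dev/kvm, and the tools the README installs (python3-venv, make, git). All function names (has_flag, missing_tools, preflight) are this example's own.

```bash
#!/bin/sh
# Pre-flight check for a kAFL host (added example, not kAFL's own code).
# Assumptions: kAFL drives KVM guests and takes coverage feedback from
# Intel Processor Trace, so the host must expose "vmx" and "intel_pt",
# must have /dev/kvm, and needs the README's tools on PATH.

# has_flag FLAGS_LINE FLAG -> 0 if FLAG appears as a whole word in FLAGS_LINE
# (FLAGS_LINE is the "flags : ..." line format used by /proc/cpuinfo)
has_flag() {
    case " $1 " in
        *" $2 "*) return 0 ;;
        *)        return 1 ;;
    esac
}

# cpu_flags_line: the flags line of the first CPU, or an empty flags line
# on hosts without /proc/cpuinfo
cpu_flags_line() {
    grep -m1 '^flags' /proc/cpuinfo 2>/dev/null || echo "flags :"
}

# missing_tools "cmd1 cmd2 ..." -> prints the names that are not on PATH
missing_tools() {
    missing=""
    for t in $1; do
        command -v "$t" >/dev/null 2>&1 || missing="$missing $t"
    done
    echo "${missing# }"
}

# preflight: prints one line per check; returns 0 only if all checks pass
preflight() {
    status=0
    flags=$(cpu_flags_line)
    for f in vmx intel_pt; do
        if has_flag "$flags" "$f"; then
            echo "ok   cpu flag $f"
        else
            echo "MISS cpu flag $f (Intel CPU with VT-x and Processor Trace required)"
            status=1
        fi
    done

    if [ -c /dev/kvm ]; then
        echo "ok   /dev/kvm present"
    else
        echo "MISS /dev/kvm (enable virtualization in firmware, load kvm_intel)"
        status=1
    fi

    m=$(missing_tools "python3 make git")
    if [ -z "$m" ]; then
        echo "ok   build tools"
    else
        echo "MISS tools: $m (sudo apt install python3-venv make git)"
        status=1
    fi

    # Debian/Ubuntu ship ensurepip only with the python3-venv package,
    # so importing it is a cheap proxy for "python3-venv is installed".
    if python3 -c 'import venv, ensurepip' >/dev/null 2>&1; then
        echo "ok   python3-venv usable"
    else
        echo "MISS python3-venv (sudo apt install python3-venv)"
        status=1
    fi
    return $status
}

# Run the report when executed directly; a failing host is reported, not fatal.
preflight || echo "host is not ready for make deploy"
```

The checks are deliberately read-only: the script reports what is missing and points at the README's own remedy, but changes nothing on the host. A MISS on intel_pt is the one that no package install can fix, since the trace feedback comes from the CPU itself.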

Fuzzing your first target

As a first fuzzing example, we recommend Fuzzing the Linux Kernel.

Other targets are available such as:

Improved documentation for these targets is in progress.

Maintainers

License

License: MIT