EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 09-10-2018, 06:34
nikor nikor is offline
Friend
 
Join Date: Dec 2012
Posts: 16
Rept. Given: 3
Rept. Rcvd 7 Times in 4 Posts
Thanks Given: 9
Thanks Rcvd at 8 Times in 3 Posts
nikor Reputation: 7
Falkervisor - hypervisor for fuzzing

This is a hypervisor for fuzzing. It runs on bare metal (not a driver), and runs on AMD fam15h machines. It's pretty cool but there are so many issues with this version, but it's still fun to look at and try to use.

This is one of the first versions of falkervisor. It was used to find bugs in Chrome sandbox, Windows Defender, Word (RTF), and probably some other random crap between 2014-2015. Since I didn't use version control I'm probably missing pieces, but this actually builds and should run on any AMD fam15h machine. It should be able to boot up single-core OSes right off IDE based disk, and take snapshots via proprietary falktp which I don't have the server for anymore, so you'd have to reverse it. You also need an Intel x540 for this to run.

hxxps://github.com/gamozolabs/falkervisor_beta

(disclaimer; this is not my work)
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Anti-debugging techniques for a hypervisor debugger HarrySpoofer General Discussion 4 08-03-2018 05:31


All times are GMT +8. The time now is 19:21.


ICP05004977
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX