In recent years, Windows kernel security has been a very high priority for Microsoft. There are now fewer kernel issues, and it is becoming harder for security researchers to find them. This is why I developed a tool to help security researchers fuzz the Windows kernel. First, I will introduce a new method for fuzzing the Windows kernel. Then, I will detail the fuzzing framework, how it works, and discuss the methods for fuzzing the Windows kernel. The fuzzer is focused on Windows kernel objects and their relationships with other objects. This paper will cover GDI objects and some other Windows kernel objects. I will also show some crash cases that I discovered with the help of the fuzzing framework. Finally, I will share details about Windows crashes and demonstrate an exploit that I completed last year.
OPCDE is founded, curated and organized by Comae Technologies. Comae Technologies is a cybersecurity start-up founded by Matt Suiche.