IOCTL-Proxy
Posted on December 21st, 2008 at 12:10 (2486 Views)
This is a POC of an IOCTL fuzzer. It gave surprisingly good results.
IOCTL-Proxy works by hooking NtDeviceIoControlFile, manipulating its parameters and feeding them to the real function.
Load the driver and simply click around in the application you want to test.
You will get a lot of BSODs, so be careful.
PreviousMode==KernelMode is ignored, since we are only interested in calls from UserMode to KernelMode, not Kernel->Kernel.
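
The proxy idea described above, as an added user-mode model that is not IOCTL-Proxy's own code: a wrapper mutates user-mode requests before calling the saved "real" function and passes kernel-mode requests through untouched, while a length-validating handler shows what a driver needs in order to survive such input. No kernel hook is installed; every name here and the request layout (a count followed by that many 32-bit items) are assumptions made for illustration.

```c
/* User-mode model of the proxy idea; no kernel hook is installed. Names are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { MODE_KERNEL, MODE_USER } Mode;      /* stands in for PreviousMode */
typedef int (*ioctl_fn)(const uint8_t *in, size_t len);
enum { ST_OK = 0, ST_INVALID = -1 };

/* Stand-in for a driver handler. Expected input: uint32_t count, then count uint32_t items. */
static int hardened_handler(const uint8_t *in, size_t len) {
    uint32_t count;
    if (in == NULL || len < sizeof count) return ST_INVALID;
    memcpy(&count, in, sizeof count);
    /* Division form cannot overflow, unlike 4 + count * 4 <= len. */
    if (count > (len - sizeof count) / sizeof(uint32_t)) return ST_INVALID;
    return ST_OK;
}

static ioctl_fn real_fn = hardened_handler;        /* the saved "real function" */
static unsigned mutated_calls, passthrough_calls;
static uint32_t seed = 0x12345678u;                /* fixed seed: reproducible runs */
static uint32_t rnd(void) { seed = seed * 1664525u + 1013904223u; return seed >> 16; }

/* Proxy: user-mode requests are mutated on a copy, kernel-mode requests pass untouched. */
static int proxy(Mode prev, const uint8_t *in, size_t len) {
    uint8_t copy[64];
    size_t n = len < sizeof copy ? len : sizeof copy;
    if (prev == MODE_KERNEL || in == NULL || n == 0) {
        passthrough_calls++;
        return real_fn(in, len);
    }
    memcpy(copy, in, n);
    copy[rnd() % n] ^= (uint8_t)(1u << (rnd() % 8)); /* flip one bit */
    mutated_calls++;
    return real_fn(copy, rnd() % (n + 1));           /* and claim a random length */
}

/* Replay one constructed, well-formed request (little-endian); count rejected mutants. */
static unsigned run_campaign(unsigned rounds) {
    const uint8_t req[16] = { 3, 0, 0, 0,  1, 0, 0, 0,  2, 0, 0, 0,  3, 0, 0, 0 };
    unsigned rejected = 0, i;
    for (i = 0; i < rounds; i++)
        rejected += proxy(MODE_USER, req, sizeof req) == ST_INVALID;
    return rejected;
}

int main(void) {
    printf("rejected %u of 1000 mutated requests\n", run_campaign(1000));
    return 0;
}
```

A handler that trusted `count` without comparing it against the supplied length would read past the buffer on many of these mutants, which is the class of bug that shows up as a BSOD under this kind of testing.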
Get it here:
http://www.orange-bat.com










