{"id":48996245,"url":"https://github.com/SoftSec-KAIST/IMF","last_synced_at":"2026-05-21T10:01:10.936Z","repository":{"id":25495019,"uuid":"101030182","full_name":"SoftSec-KAIST/IMF","owner":"SoftSec-KAIST","description":"Inferred Model-based Fuzzer","archived":false,"fork":false,"pushed_at":"2022-01-22T15:17:27.000Z","size":270,"stargazers_count":111,"open_issues_count":2,"forks_count":24,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-09-10T23:49:55.263Z","etag":null,"topics":["fuzzer","kernel-fuzzing","macos"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SoftSec-KAIST.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-08-22T06:41:20.000Z","updated_at":"2025-04-12T15:05:32.000Z","dependencies_parsed_at":"2022-07-21T14:32:54.097Z","dependency_job_id":null,"html_url":"https://github.com/SoftSec-KAIST/IMF","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/SoftSec-KAIST/IMF","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SoftSec-KAIST%2FIMF","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SoftSec-KAIST%2FIMF/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SoftSec-KAIST%2FIMF/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SoftSec-KAIST%2FIMF/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SoftSec-KAIST","download_url":"https://codeload.github.com/SoftSec-KAIST/IMF/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SoftSec-KAIST%2FIMF/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33297101,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-21T02:57:32.698Z","status":"ssl_error","status_checked_at":"2026-05-21T02:57:31.990Z","response_time":62,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fuzzer","kernel-fuzzing","macos"],"created_at":"2026-04-18T17:00:46.517Z","updated_at":"2026-05-21T10:01:10.927Z","avatar_url":"https://github.com/SoftSec-KAIST.png","language":"Python","funding_links":[],"categories":["Tools"],"sub_categories":["Kernel"],"readme":"IMF: Inferred Model-based Fuzzer\n========================\n\nIMF is a kernel API fuzzer that leverages an automated API model\ninferrence techinque proposed in our\n[paper](http://daramg.gift/paper/han-ccs2017.pdf) at CCS. IMF\ncurrently only supports macOS. To see how to configure and run\nIMF, see the followings.\n\n# Setup\n\n## Requirements\n- python2.7\n- pypy\n- clang\n\n## How to run\n1. Generate hooking library for APIs\n```\n$ ./gen-hook [output(hooking code) path]\n$ clang  -Wall -dynamiclib -framework IOKit -framework CoreFoundation -arch i386\\\n         -arch x86_64 hook.c -o hook\n```\n\n2. Collect logs\n```\n$ DYLD_INSERT_LIBRARIES=[hooking library path] [program path] [program args]\n```\n\n3. Filter logs\n```\n$ ./filter-log [log dir] [output dir] [# of output(filtered log)] [# of core]\n```\n\n4. Infer a model and generate a fuzzer.\n```\n$ ./gen-fuzz [filtered logs path] [output(fuzzer code) path] [# of core]\n```\n\n5. Compile the fuzzer\n```\n$ clang -framework IOKit -framework CoreFoundation -arch i386 fuzz.c -o fuzz\n```\n\n6. Run the fuzzer\n```\n$ ./fuzz -f [log path] -s [seed] -b [bitlen] -r [rate] -l [# of max loops]\n```\n\n7. You may want to run the generated fuzzer within a while loop.\n\n# CVEs\n\n- CVE-2017-7159\n\n# Authors\n\nThis research project has been conducted by [SoftSec Lab](https://softsec.kaist.ac.kr) at KAIST.\n\n* [HyungSeok Han](http://daramg.gift/)\n* [Sang Kil Cha](https://softsec.kaist.ac.kr/~sangkilc/)\n\n# Citing IMF\n\nTo cite our paper ([pdf](http://daramg.gift/paper/han-ccs2017.pdf)):\n```\n@INPROCEEDINGS{han:ccs2017,\n    author = {HyungSeok Han and Sang Kil Cha},\n    title = {Inferred Model-based Fuzzing},\n    booktitle = {Proceedings of the ACM Conference on Computer and Communications Security},\n    year = {2017},\n    pages = {2345--2358}\n}\n```\n\n# Acknowledgement\n\nThe work was supported by Institute for Information \u0026 communications Technology Promotion (IITP) grant funded by the Korea government (MSIT).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSoftSec-KAIST%2FIMF","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSoftSec-KAIST%2FIMF","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSoftSec-KAIST%2FIMF/lists"}