ioctlpus

ioctlpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).

Here is an example of an information leak triggered in a sample vulnerable driver:

Tentative Roadmap

[x] Create handles using Device Interface GUIDs in addition to symbolic links. [GIF]
[ ] Persist requests to SQLite databases.
[ ] Apply filters to request history.
[ ] Integrate Kaitai Struct to define and view buffer structures (inspired by).
[ ] Develop an API to use the tool headlessly (e.g. for fuzzing).
[ ] Design a cool logo.