DIFUZE is a Python-based interface-aware fuzzing framework for Android kernel driver ioctls. It uses LLVM-based static analysis to automatically extract argument data structures from kernel driver headers, then generates valid inputs to trigger execution of kernel drivers on target devices.

Key features:

• Fully automated — provide kernel.tar.gz and collect results
• Uses static analysis to identify driver handlers and map to device file names
• Constructs complex argument instances for fuzzing
• Found 32 previously unknown zero-day vulnerabilities in 7 modern Android smartphones including Google Pixel XL

Presented at BlackHat Europe 2017 and Nullcon 2018 by Aravind Machiry.