Displaying 1 to 20 from 48 results

gef - GEF - GDB Enhanced Features for exploit devs & reversers


GEF is a kick-ass set of commands for X86, ARM, MIPS, PowerPC and SPARC to make GDB cool again for exploit dev. It is aimed to be used mostly by exploiters and reverse-engineers, to provide additional features to GDB using the Python API to assist during the process of dynamic analysis and exploit development. It has full support for both Python2 and Python3 indifferently (as more and more distros start pushing gdb compiled with Python3 support).

ysoserial - A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization


A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. Originally released as part of AppSecCali 2015 Talk "Marshalling Pickles: how deserializing objects will ruin your day" with gadget chains for Apache Commons Collections (3.x and 4.x), Spring Beans/Core (4.x), and Groovy (2.3.x). Later updated to include additional gadget chains for JRE <= 1.7u21 and several other libraries.

AutoSploit - Automated Mass Exploiter


Receiving back connections on your local machine might not be the best idea from an OPSEC standpoint. Instead consider running this tool from a VPS that has all the dependencies required, available. The new version of AutoSploit has a feature that allows you to set a proxy before you connect and a custom user-agent.

meltdown - This repository contains several applications, demonstrating the Meltdown bug.


The applications in this repository are built with libkdump, a library we developed for the paper. This library simplifies exploitation of the bug by automatically adapting to certain properties of the environment. This repository contains five demos to demonstrate different use cases. All demos are tested on Ubuntu 16.04 with an Intel Core i7-6700K, but they should work on any Linux system with any modern Intel CPU since 2010.




pegaswitch - PegaSwitch is an exploit toolkit for the Nintendo Switch


It should no longer be necessary to run usefulscripts/SetupNew.js, since PegaSwitch will now do it automatically. API documentation for SploitCore is automatically generated using jsdoc comments.

Am-I-affected-by-Meltdown - Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a


Checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN. The basic idea is that user will know whether or not the running system is properly patched with something like KAISER patchset (https://lkml.org/lkml/2017/10/31/884) for example.


featherduster - An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction


FeatherDuster is a tool written by Daniel "unicornfurnace" Crowley of NCC Group for breaking crypto which tries to make the process of identifying and exploiting weak cryptosystems as easy as possible. Cryptanalib is the moving parts behind FeatherDuster, and can be used independently of FeatherDuster. Why "FeatherDuster"? There's an in-joke amongst some crypto folk where using crypto poorly, or to solve a problem that crypto isn't meant to solve is called "sprinkling magical crypto fairy dust on it". FeatherDuster is for cleaning up magical crypto fairy dust.

shellen - :cherry_blossom: Interactive shellcoding environment to easily craft shellcodes


Shellen is an interactive shellcoding environment. If you want a handy tool to write shellcodes, then shellen may be your friend. Shellen can also be used as an assembly or disassembly tool. keystone and capstone engines are used for all of shellen's operations.

CVE-2018-7600 - 💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002


IMPORTANT: Is provided only for educational or information purposes. CVE-2018-7600 / SA-CORE-2018-002 Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

bluebox-ng - Pentesting framework using Node.js powers, focused in VoIP.


Pentesting framework using Node.js powers. Focused in VoIP. DISCLAIMER: Pointing this tool at other people's servers is NOT legal in most countries.

windows_kernel_resources - Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits


Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits

vbscan - OWASP VBScan is a Black Box vBulletin Vulnerability Scanner


OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analysis them . If you want to do a penetration test on a vBulletin Forum, OWASP VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBulletin vulnerabilities.

reverse-shell - Reverse Shell as a Service


Easy to remember reverse shell that should work on most Unix-like systems.On your machine, open up a port and listen on it. You can do this easily with netcat.

expdevBadChars - Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing


This is a Bad Characters highlighter intended to be used for exploit development purposes. It supports multiple input formats and is able to effectively convert from regex-matching format to the byte array. This makes this tool useful while we have for instance shellcode encoded as a Python string concatenation sequence and we want to quickly compare it with the OllyDbg memory that we just dumped (either in textual, printable form or in raw hex binary bytes).

Exploit-Development-Tools - A bunch of my exploit development helper tools, collected in one place.


A bunch of my exploit development helper tools, that I've developed over time and used, collected in one place. Gathered mostly from my (gists) and/or HDD. expdevBadChars - This is a Bad Characters highlighter intended to be used for exploit development purposes. It supports multiple input formats and is able to effectively convert from regex-matching format to the byte array.

HEVD_Kernel_Exploit - Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes


My HackSysExtremeVulnerableDriver exploits pack for education purposes developed under Windows 7 x86 SP1. The x86 version of this exploit does not bypass SMEP. Although, in the x64 directory - some sample x64 exploits against HEVD are released that might need to employ SMEP bypasses.