
gef - GEF - GDB Enhanced Features for exploit devs & reversers

GEF is a kick-ass set of commands for X86, ARM, MIPS, PowerPC and SPARC to make GDB cool again for exploit dev. It is aimed mostly at exploit developers and reverse-engineers, providing additional features to GDB through the Python API to assist during dynamic analysis and exploit development. It fully supports both Python 2 and Python 3 (as more and more distros start shipping gdb compiled with Python 3 support).

Am-I-affected-by-Meltdown - Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a. MELTDOWN

Checks whether the system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a. MELTDOWN. The basic idea is that the user will learn whether or not the running system is properly patched, for example with something like the KAISER patchset (https://lkml.org/lkml/2017/10/31/884).

featherduster - An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

FeatherDuster is a tool written by Daniel "unicornfurnace" Crowley of NCC Group for breaking crypto, which tries to make the process of identifying and exploiting weak cryptosystems as easy as possible. Cryptanalib is the moving parts behind FeatherDuster, and can be used independently of FeatherDuster. Why "FeatherDuster"? There's an in-joke amongst some crypto folk where using crypto poorly, or to solve a problem that crypto isn't meant to solve, is called "sprinkling magical crypto fairy dust on it". FeatherDuster is for cleaning up magical crypto fairy dust.

reverse-shell - Reverse Shell as a Service

Easy-to-remember reverse shell that should work on most Unix-like systems. On your machine, open up a port and listen on it. You can do this easily with netcat.

expdevBadChars - Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing

This is a Bad Characters highlighter intended to be used for exploit development purposes. It supports multiple input formats and is able to effectively convert from a regex-matching format to a byte array. This makes the tool useful when, for instance, we have shellcode encoded as a Python string concatenation sequence and want to quickly compare it with the OllyDbg memory we just dumped (either in textual, printable form or as raw hex binary bytes).

Exploit-Development-Tools - A bunch of my exploit development helper tools, collected in one place.

A bunch of my exploit development helper tools, which I've developed and used over time, collected in one place. Gathered mostly from my gists and/or HDD. expdevBadChars - This is a Bad Characters highlighter intended to be used for exploit development purposes. It supports multiple input formats and is able to effectively convert from a regex-matching format to a byte array.

HEVD_Kernel_Exploit - Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes

My HackSysExtremeVulnerableDriver exploits pack for educational purposes, developed under Windows 7 x86 SP1. The x86 version of this exploit does not bypass SMEP. However, in the x64 directory some sample x64 exploits against HEVD are released that might need to employ SMEP bypasses.

Penetration-Testing-Tools - Great collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources

This is a collection of many tools, scripts, cheatsheets and other loot that I've been developing over the years for penetration testing and IT security audit purposes. Many of them have actually been used during real-world assignments; some of them were gathered from various sources (waiting to be used someday). This repository does not contain actual exploits. I will release those in a separate repository at some point in the future.

webcgi-exploits - Multi-language web CGI interfaces exploits.

Here are several exploits related to different web CGIs. I wrote these exploits over the last few years. There are communications between each layer. Each layer's software is developed by different teams. They do have standards to communicate with each other, but they always have misunderstandings or design faults. So we can take advantage of those faults to achieve our goals, like RCE, spawning a shell, port forwarding, etc.

gef-extras - Extra goodies for GEF: Open repository for unfiltered contributions to the project.

Good for you! This repository is open to anyone; no filtering is done! Simply drop a PR with the command you want to share 😄 Useful scripts will eventually be integrated directly into GEF.

memrepl - Memory inspection REPL interface

memrepl is a Frida-based script that aims to help a researcher in the task of exploiting memory corruption related bugs. All the requirements will be installed automatically using Python's setuptools.

symrepl - Symbol REPL

symrepl is a small utility that helps you investigate the type information inside binaries. It uses lldb to access the symbolic information inside a binary. The main use case of this little helper tool is to help vulnerability researchers find interesting things to use while exploiting software.

HTTPsys - 🔥 A checker site for MS15-034 / CVE-2015-1635

A checker site for MS15-034 / CVE-2015-1635.

CircuitBreaker - Nintendo Switch hacking toolkit

This is Circuit Breaker, a Nintendo Switch hacking toolkit. It is heavily based upon the PegaSwitch toolkit, and the ReSwitched team deserves a huge amount of credit for their work, without which this project would be impossible. Make sure you have all the Ruby gems installed. Installing Ruby and Bundler is outside the scope of this document.