MBE - Course materials for Modern Binary Exploitation by RPISEC

•    C

This repository contains the materials as developed and used by RPISEC to teach Modern Binary Exploitation at Rensselaer Polytechnic Institute in Spring 2015. This was a university course developed and run solely by students to teach skills in vulnerability research, reverse engineering, and binary exploitation. Vulnerability research & exploit development is something totally outside the bounds of what you see in a normal computer science curriculum, but central to a lot of what we RPISEC members find ourselves doing in our free time. We also find that subjects in offensive security tend to have a stigma around them in university that we would like to help shake off. These are practical, applied skills that we're excited to share with those interested in learning.

AutoSploit - Automated Mass Exploiter

•    Python

Receiving back connections on your local machine might not be the best idea from an OPSEC standpoint. Instead consider running this tool from a VPS that has all the dependencies required, available. The new version of AutoSploit has a feature that allows you to set a proxy before you connect and a custom user-agent.

EggShell - iOS/macOS/Linux Remote Administration Tool

•    Objective-C

EggShell is a post exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This is project is a proof of concept, intended for use on machines you own. Eggshell payloads are executed on the target machine. The payload first sends over instructions for getting and sending back device details to our server and then chooses the appropriate executable to establish a secure remote control session.

commix - Automated All-in-One OS command injection and exploitation tool.

•    Python

Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos (@ancst) that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP header. Usage of commix for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

rizin - UNIX-like reverse engineering framework and command-line toolset.

•    C

Rizin is a fork of the radare2 reverse engineering framework with a focus on usability, working features and code cleanliness. To learn more on Rizin you may want to read the official Rizin book.

featherduster - An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

•    Python

FeatherDuster is a tool written by Daniel "unicornfurnace" Crowley of NCC Group for breaking crypto which tries to make the process of identifying and exploiting weak cryptosystems as easy as possible. Cryptanalib is the moving parts behind FeatherDuster, and can be used independently of FeatherDuster. Why "FeatherDuster"? There's an in-joke amongst some crypto folk where using crypto poorly, or to solve a problem that crypto isn't meant to solve is called "sprinkling magical crypto fairy dust on it". FeatherDuster is for cleaning up magical crypto fairy dust.

XAttacker - X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

•    Perl

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Exploit-Writeups - A collection where my current and future writeups for exploits/CTF will go

Welcome to my collection of exploit writeups. This repo is where my current and future writeups for public exploits, vulnerability research, and CTF challenge solves will go. Below is a directory of the current writeups that I've published. An overview of the PS4 kernel exploit codenamed "namedobj", which targets a type confusion vulnerability in the sys_namedobj_* Sony system calls. This overview covers the basic exploit strategy required to leverage the type confusion bug into a fully fledged exploit.

shellen - :cherry_blossom: Interactive shellcoding environment to easily craft shellcodes

•    Python

Shellen is an interactive shellcoding environment. If you want a handy tool to write shellcodes, then shellen may be your friend. Shellen can also be used as an assembly or disassembly tool. keystone and capstone engines are used for all of shellen's operations.

Windows - Awesome tools to exploit Windows !

Awesome tools to exploit Windows !

ATSCAN - Advanced Search & Mass Exploit Scanner- فاحص متقدم لبحث و استغلال الثغرات بالجملة

•    Perl

● Search engine Google / Bing / Ask / Yandex / Sogou ● Mass Dork Search ● Multiple instant scans. ● Mass Exploitation ● Use proxy. ● Random user agent. ● Random engine. ● Extern commands execution. ● XSS / SQLI / LFI / AFD scanner. ● Filter wordpress and Joomla sites. ● Find Admin page. ● Decode / Encode Base64 / MD5 ● Ports scan. ● Collect IPs ● Collect E-mails. ● Auto detect errors. ● Auto detect Cms. ● Post data. ● Auto sequence repeater. ● Validation. ● Post and Get method ● Interactive and Normal interface. ● And more...

TIDoS-Framework - The Offensive Manual Web Application Penetration Testing Framework.

•    Python

NOTE: For installing globally, you will need to default your Python version to 2.x. However, the work of migration from Python2 to Python3 is already underway. TIDoS needs some libraries to run, which can be installed via aptitude or yum Package Managers.

BinExp - Linux Binary Exploitation

•    C

I am quite passionate about exploiting binary files. First time when I came across Buffer Overflow(a simple technique of exploitation) then I was not able to implement the same with the same copy of code on my system. The reason for that was there was no consolidated document that would guide me thoroughly to write a perfect exploit payload for the program in case of system changes. Also there are very few descriptive blogs/tutorials that had helped me exploiting a given binary. I have come up with consolidation of Modern exploitation techniques (in the form of tutorial) that will allow you to understand exploitation from scratch. Lecture 1.

memrepl - Memory inspection REPL interface

•    Python

memrepl is a frida based script that aims to help a researcher in the task of exploitation of memory corruption related bugs. All the requirements will be installed automatically using python's setuptools.

symrepl - Symbol REPL

•    Python

symrepl is a small utility that helps you investigate the type information inside binaries. It uses lldb in order to access the symbolic information inside a binary. The main use case of this little helper tool is to help vulnerability researchers find interesting things to use while exploiting software.

InsecureProgramming - mirror of gera's insecure programming examples | http://community

•    C

This is a mirror of Gera's Insecure Programming examples. Oldies but great for begineers getting into the basics of exploitation techniques and vulnerabilities.

on-pwning - My solutions to some CTF challenges and a list of interesting resources about pwning stuff

•    Python

This repository contains my solutions to some CTF challenges and a list of interesting resources about pwning stuff.

MIDA-Multitool - Bash script purposed for system enumeration, vulnerability identification and privilege escalation

•    Shell

Bash script purposed for system enumeration, vulnerability identification and privilege escalation. MIDA Multitool draws functionality from several of my previous scripts namely SysEnum and RootHelper and is in many regards RootHelpers successor.

Droid-Application-Fuzz-Framework - Android application fuzzing framework with fuzzers and crash monitor

•    HTML

After installing the apps in Android Device, use them at least once. Allow popups, configure first time screens etc. I am just open sourcing a private project for the benefit of community. I don't have time to actively maintain this project. If you have found bugs, fix them and send pull requests. That's how open source should work! I have done my best to make the documentation clear and simple for all types of users. Please check Google or Stack Overflow if you are stuck.

foxpwn - Exploit code for CVE-2016-9066

•    Javascript

Proof-of-Concept exploit for CVE-2016-9066. Find a detailed writeup here.