Displaying 1 to 16 from 16 results

gef - GEF - GDB Enhanced Features for exploit devs & reversers

  •    Python

GEF is a kick-ass set of commands for X86, ARM, MIPS, PowerPC and SPARC to make GDB cool again for exploit dev. It is aimed to be used mostly by exploiters and reverse-engineers, to provide additional features to GDB using the Python API to assist during the process of dynamic analysis and exploit development. It has full support for both Python2 and Python3 indifferently (as more and more distros start pushing gdb compiled with Python3 support).

shellen - :cherry_blossom: Interactive shellcoding environment to easily craft shellcodes

  •    Python

Shellen is an interactive shellcoding environment. If you want a handy tool to write shellcodes, then shellen may be your friend. Shellen can also be used as an assembly or disassembly tool. keystone and capstone engines are used for all of shellen's operations.

one_gadget - The best tool for finding one gadget RCE in libc.so.6

  •    Ruby

When playing ctf pwn challenges we usually need the one-gadget RCE (remote code execution), which leads to call execve('/bin/sh', NULL, NULL). Note: require ruby version >= 2.1.0, you can use ruby --version to check.

libc-database - Build a database of libc offsets to simplify exploitation

  •    Shell

You can also add a custom libc to your database. Find all the libc's in the database that have the given names at the given addresses. Only the last 12 bits are checked, because randomization usually works on page size level.

gef-extras - Extra goodies for GEF: Open repository for unfiltered contributions to the project.

  •    Python

Good for you! This repository is open to anyone, no filtering is done! Simply drop a PR with the command you want to share 😄 And useful scripts will eventually be integrated directly to GEF.

hevd - Public repository for HEVD exploits

  •    C

Public repository for HackSys Extremely Vulnerable Driver (HEVD) exploits targeting Windows 8.1 x64 (9600) and Windows 10 x64 (1709).

ctf-writeups - Collection of scripts and writeups

  •    C

These challenges are created by me so there're scripts for creating them.

heapinfo - create an interactive memory info interface while pwn / exploiting

  •    Ruby

As pwn lovers, while playing CTF with heap exploitation, we always need a debugger (e.g. gdb) for tracking memory layout. But we don't really need gdb if we want to see whether the heap layout same as our imagine or not. Hope this small tool helps us exploit easier ;). HeapInfo is very helpful when binary has somehow anti-debugger limitations, e.g. being ptraced. HeapInfo still works because it doesn't use ptrace.

pwn - A 100 SLOC mangling of a JavaScript eventing system

  •    CoffeeScript

A <100 SLOC mangling of a JavaScript eventing system. pwn your objects using obj.prototype = Object.create(pwn); That's right - don't even worry about your constructor - that's some pseudo-classical garbage. You pwned it.

pwn2exploit - all mine papers, pwn & exploit


这是些前段时间研究二进制的一些心得 Paper. 本来是希望能够从底层原理到全局把控的层次去整理. 这里只完成了部分的Paper, 还有很多的Paper只写了概要点. 这篇文章介绍了如何在目前的ELF下进行动态so注入, 介绍 gnu.hash 的结构和相关算法, 具体的代码可以参考evilELF, 代码设计规范.

pwninit - pwninit - automate starting binary exploit challenges

  •    Rust

Run pwninit in a directory with the relevant files and it will detect which ones are the binary, libc, and linker. If the detection is wrong, you can specify the locations with --bin, --libc, and --ld. If you don't like the default template, you can use your own. Just specify --template-path <path>. Check template.py for the template format. The names of the exe, libc, and ld bindings can be customized with --template-bin-name, --template-libc-name, and --template-ld-name.

We have large collection of open source products. Follow the tags from Tag Cloud >>

Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.