We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.



Displaying 1 to 19 from 19 results

pwntools - CTF framework and exploit development library

  •    Python

Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible. You can now do a live demo of Pwntools, right in your browser.

tools - security and hacking tools, exploits, proof of concepts, shellcodes, scripts

  •    Assembly

This section offers a selection of our fully featured security and hacking tools. We also provide some exploits, proof of concept code, shellcodes and snippets. That means some tools are not tested and may not have the feature set. If you find some bugs or if you have any questions, ideas or criticism regarding to this section, feel free to message us.

shellen - :cherry_blossom: Interactive shellcoding environment to easily craft shellcodes

  •    Python

Shellen is an interactive shellcoding environment. If you want a handy tool to write shellcodes, then shellen may be your friend. Shellen can also be used as an assembly or disassembly tool. keystone and capstone engines are used for all of shellen's operations.

cemu - Cheap EMUlator: lightweight multi-architecture assembly playground

  •    Python

Writing assembly is fun. Assembly is the lowest language (humanly understandable) available to communicate with computers, and is crucial to understand the internal mechanisms of any machine. Unfortunately, setting up an environment to write, compile and run assembly for various architectures (x86, ARM, MIPS, SPARC) has always been painful. CEmu is an attempt to fix this by providing a bundled GUI application that empowers users to write assembly and test it by compiling it to bytecode and executing it in an QEMU-based emulator. CEmu combines all the advantages of a basic assembly IDE, compilation and execution environment, by relying on the great libraries Keystone, Unicorn and Capstone engines in a Qt powered GUI.




venom - venom (metasploit) shellcode generator/compiler/listener

  •    Shell

venom (metasploit) shellcode generator/compiler/listener

Amber - Reflective PE packer.

  •    Assembly

amber is a reflective PE packer for bypassing security products and mitigations. It can pack regularly compiled PE files into reflective payloads that can load and execute itself like a shellcode. It enables stealthy in-memory payload deployment that can be used to bypass anti-virus, firewall, IDS, IPS products and application white-listing mitigations. If you want to learn more about the packing methodology used inside amber check out below. For more detail about usage, installation and how to decrease detection rate check out WIKI. Developed By Ege Balcı from INVICTUS/PRODAFT.

WinREPL - x86 and x64 assembly "read-eval-print loop" shell for Windows

  •    C++

WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly. zerosum0x0/WinREPL is similar to yrp604/rappel (Linux) and Tyilo/asm_repl (Mac), but with a slightly different methodology that should allow for tricks such as self-modifying shellcode crypting/encoding. There is also enferex/asrepl for a Unicorn (emulated) version, but WinREPL is completely native inside a Windows process context.

v0lt - Security CTF Toolkit (Not maintained anymore)

  •    Python

v0lt is an attempt to regroup every tool I used/use/will use in security CTF, Python style. A lot of exercises were solved using bash scripts but Python may be more flexible, that's why. Nothing to do with Gallopsled. It's a toy toolkit, with small but specific utils only.


fido - Teaching old shellcode new tricks

  •    Python

Give fido.py a x86 (32 bit or 64 bit) windows shellcode and it will strip off Stephen Fewer's hash API stub and replace it with something that bypasses EMET Caller and EAF+ checks but keeps the actual API calls in use. Can take input from cmdline (via -s).

Shellware - Persistent bind shell via pythonic shellcode execution, and registry tampering.

  •    Python

Upon execution Shellware will prompt for administrative privileges, once granted it wil copy itself to the C:\Users directory and add a registry entry for persistence. It will open port 8899 on the target machine and listen for a connection. Once a connection is established the program spawns an interactive OS shell. To make the program a little less suspiscious it might prudent to bind Shellware.exe to an innocent binary for deployment. Furthermore, the program attempts to tamper with certain registry entries to protect itself somewhat(and be generally annoying). The registry tampering attempts to disable error reporting, system restore and tries to disable LUA. I've had mixed results on different Windows platforms, however a registry entry for persistence has been consistently succesful throughout testing on various platforms.

go-shellcode - Load shellcode into a new process

  •    Go

This is a program to run shellcode as its own process, all from memory. This was written to defeat anti-virus detection. Keep in mind that only 64bit shellcode will run in a 64bit process. This can't autodetect your shellcode architecture.

SelfDefence - Several sef defence methods for rootkist

  •    Assembly

Several sef defence methods for rootkist

ARM-episodes - Arm Episodes

  •    C

I have decided to combine the three works in a single pdf, for a better reading. I have only fixed some typing errors.

bst - Binary String Toolkit (BST)

  •    C

The Binary String Toolkit or BST for short is a rather simple utility to convert binary strings to various formats suitable for inclusions in source codes, such as those used to develop exploits and Proof of Concepts in the security field. This software is licensed under the terms of the GNU General Public License.

ruse - a secure and highly-portable reverse proxy (redirector) for your Red Team infrastructure.

  •    Go

Ruse is secure, multi-platform, selective Reverse Proxy (or Redirector) that is fast and easy to deploy. It can help you concealing C2 communications, and reverse shells traffic using the HTTP protocol. Ruse combines the core features of Python's SimpleHTTPServer, Apache's mod_rewrite, and SSL ProxyPass, all in a single, self-contained and highly-portable executable.

CVE-2017-11882 - CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.

  •    Python

CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum. For remote command execution,this exploit will call WinExec with SW_HIDE and call ExitProcess after WinExec returns.

SelfDefense - Several self-defense shellcodes

  •    Assembly

Several self-defense shellcodes

IAT_API - Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file

  •    Assembly

Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file. Design of the block is inspired by Stephen Fewer's block_api and Josh Pitts's 2017 DEFCON talk. iat_api finds the addresses of API functions by parsing the _IMAGE_IMPORT_DESCRIPTOR structure entries inside the import table of the PE file. It first calculates the ROR(13) hash of the (module name + function name) and compares with the hash passed to block. If the hash matches it calls the function with the parameters passed to block.

osed-scripts - bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

  •    Python

Finds and categorizes useful gadgets. Only prints to terminal the cleanest gadgets available (minimal amount of garbage between what's searched for and the final ret instruction). All gadgets are written to a text file for further searching. today (3 june 2021) i found that ropper (and also ROPGadget) fail to find a gadget that rp++ finds (this led me to have a hard time with challenge #2, as there was an add gadget that ropper simply didn't see).

Social Icons

Subscribe to our mailing list





Most Viewed Product

JForum
Asgbookphp - PHP Guestbook Script
Phorum - PHP based forum software
Pligg - Social Publishing CMS
Usebb - UseBB forum software in PHP 4 and 5.3.
Crawltrack - Tracks the visits of Crawler
MyBB - professional,efficient discussion board
Microlinkr - Tiny url generator
Webalizer - fast web server log file analysis
Simple Machines Forum - Elegant, Effective and Powerful

Recently Viewed Product

JPPack - A small collection of VCL/LCL components for Delphi/Lazarus - buttons, panels, LinkLabel, ColorComboBox, ColorListBox, Timer and other
instagram-scraper - Scrape the Instagram frontend. Inspired from twitter-scraper by @kennethreitz.
corvus - A fast and lightweight Redis Cluster Proxy for Redis 3.0
dropship - Super simple deployment tool
printer - A fancy logger yet lightweight, and configurable. 🖨
Storytlr - Lifestreaming and Microblogging platform written in PHP
prompt-so-fancy - Fancy terminal
BioSentVec - BioWordVec & BioSentVec: pre-trained embeddings for biomedical words and sentences
node-unzip-to-s3 - Unzip files directly to Amazon S3 using streams.
vitess-sqlparser - simply SQL Parser for Go ( powered by vitess and TiDB )

We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.






2018 © findbestopensource.com. Made in India. All trademarks and copyrights are held by respective owners. Advertise  |  About us  |  Privacy Policy  |  Terms of Use  |