Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible. You can now do a live demo of Pwntools, right in your browser.
ctf exploit pwntools ctf-framework shellcode rop pwnable defcon capture-the-flag wargame

This section offers a selection of our fully featured security and hacking tools. We also provide some exploits, proof-of-concept code, shellcodes and snippets. That means some tools are not tested and may not have the full feature set. If you find bugs or have any questions, ideas or criticism regarding this section, feel free to message us.

hacking shellcode exploits

Shellen is an interactive shellcoding environment. If you want a handy tool to write shellcodes, then shellen may be your friend. Shellen can also be used as an assembly or disassembly tool. The keystone and capstone engines are used for all of shellen's operations.

keystone capstone shellcode interactive assembler dissassembler pwn shellcoding disassembly syscalls architecture dsm asm shell syscall-table common-shellcodes exploitation ctf exploit

Writing assembly is fun. Assembly is the lowest-level language that is still humanly understandable for communicating with computers, and understanding it is crucial to understanding the internal mechanisms of any machine. Unfortunately, setting up an environment to write, compile and run assembly for various architectures (x86, ARM, MIPS, SPARC) has always been painful. CEmu is an attempt to fix this by providing a bundled GUI application that lets users write assembly and test it by compiling it to bytecode and executing it in a QEMU-based emulator. CEmu combines the advantages of a basic assembly IDE with a compilation and execution environment by relying on the Keystone, Unicorn and Capstone engines in a Qt-powered GUI.

keystone unicorn capstone shellcode sparc arm aarch64 x86-64 x86-32 powerpc mips

venom (metasploit) shellcode generator/compiler/listener

metasploit msfvenom shellcode compiler handler post-exploitation

amber is a reflective PE packer for bypassing security products and mitigations. It can pack regularly compiled PE files into reflective payloads that can load and execute themselves like shellcode. It enables stealthy in-memory payload deployment that can be used to bypass anti-virus, firewall, IDS, IPS products and application white-listing mitigations. If you want to learn more about the packing methodology used inside amber, check out below. For more detail about usage, installation and how to decrease the detection rate, check out the WIKI. Developed by Ege Balcı from INVICTUS/PRODAFT.

packer pe crypter stub shellcode shellcode-loader payload malware-research paper

WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly. zerosum0x0/WinREPL is similar to yrp604/rappel (Linux) and Tyilo/asm_repl (Mac), but with a slightly different methodology that should allow for tricks such as self-modifying shellcode crypting/encoding. There is also enferex/asrepl for a Unicorn (emulated) version, but WinREPL is completely native inside a Windows process context.

x86 x64 repl shell debugger assembler shellcode asmjit keystone-engine

v0lt is an attempt to regroup every tool I used/use/will use in security CTFs, Python style. A lot of exercises were solved using bash scripts, but Python may be more flexible, that's why. Nothing to do with Gallopsled. It's a toy toolkit, with small but specific utils only.

security security-ctf python3 shellcode

Give fido.py an x86 (32-bit or 64-bit) Windows shellcode and it will strip off Stephen Fewer's hash API stub and replace it with something that bypasses EMET Caller and EAF+ checks but keeps the actual API calls in use. Can take input from the command line (via -s).

shellcode emet metasploit msfvenom iat-parsing

Upon execution Shellware will prompt for administrative privileges; once granted, it will copy itself to the C:\Users directory and add a registry entry for persistence. It will open port 8899 on the target machine and listen for a connection. Once a connection is established, the program spawns an interactive OS shell. To make the program a little less suspicious it might be prudent to bind Shellware.exe to an innocent binary for deployment. Furthermore, the program attempts to tamper with certain registry entries to protect itself somewhat (and be generally annoying). The registry tampering attempts to disable error reporting and system restore, and tries to disable LUA. I've had mixed results on different Windows platforms; however, a registry entry for persistence has been consistently successful throughout testing on various platforms.

shellcode persistence exploit pentest pentesting-windows

This is a program to run shellcode as its own process, all from memory. This was written to defeat anti-virus detection. Keep in mind that only 64-bit shellcode will run in a 64-bit process. This can't autodetect your shellcode architecture.

shellcode redteam post-exploitation

Several self-defence methods for rootkits

protect-process rootkit defence stealth shellcode

I have decided to combine the three works in a single PDF, for easier reading. I have only fixed some typing errors.

arm reverse-engineering exploitation shellcode

The Binary String Toolkit, or BST for short, is a rather simple utility to convert binary strings to various formats suitable for inclusion in source code, such as those used to develop exploits and proofs of concept in the security field. This software is licensed under the terms of the GNU General Public License.

pentesting hexadecimal exploit-development shellcode binary-strings

Ruse is a secure, multi-platform, selective reverse proxy (or redirector) that is fast and easy to deploy. It can help you conceal C2 communications and reverse-shell traffic using the HTTP protocol. Ruse combines the core features of Python's SimpleHTTPServer, Apache's mod_rewrite, and SSL ProxyPass, all in a single, self-contained and highly portable executable.

redteam proxy-server redirector http-listener shellcode

This CVE-2017-11882 exploit accepts a command/code of over 17k bytes in length at maximum. For remote command execution, this exploit calls WinExec with SW_HIDE and calls ExitProcess after WinExec returns.

exploit cve-2017-11882 rtf shellcode

Several self-defense shellcodes

protect-process stealth shellcode defense

Assembly block for finding and calling Windows API functions inside the import address table (IAT) of the running PE file. The design of the block is inspired by Stephen Fewer's block_api and Josh Pitts's 2017 DEFCON talk. iat_api finds the addresses of API functions by parsing the _IMAGE_IMPORT_DESCRIPTOR structure entries inside the import table of the PE file. It first calculates the ROR(13) hash of the (module name + function name) and compares it with the hash passed to the block. If the hash matches, it calls the function with the parameters passed to the block.

shellcode exploit bypass malware antivirus