Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
libc database (file in packages, hash, package files, symbols). Raw binary libc available on https://github.com/BestPig/libc-bin)
Build a database of libc offsets to simplify exploitation
Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper us…
This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC, MIPS, RISC-V 64, a…
List of (automatic) protocol reverse engineering tools for network protocols
For effective cheating detection in security competitions. Uses Linux Kernel Module (LKM) for generating flags.
Linux kernel module implementation & exploitation (pwn) labs.
Some setup scripts for security research tools.
Vulnerability research notes for VirtualBox and QEMU. Contains debug environment setup notes, a PoC template, exploit primitive notes, and more.
A small, null-free Windows shellcode that executes calc.exe (x86/x64, all OS/SPs)
FuzzBench - Fuzzer benchmarking as a service.
Collection of various algorithms in mathematics, machine learning, computer science and physics implemented in C++ for educational purposes.
Collection of various algorithms in mathematics, machine learning, computer science, physics, etc implemented in C for educational purposes.
Miscellaneous utilities and such that I use for pwning. Open sourced since people might find these useful. Be warned: nothing is stable.
A list of cool features of Git and GitHub.
A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)
My personal cheat sheet for using WinDbg for kernel debugging
IDA Pro loader and processor modules for WebAssembly
A curated list of awesome Fuzzing(or Fuzz Testing) for software security