exploit-development.md

opensource-exploits

A collections of various exploits

Exploits database

• tunz/js-vuln-db - A collection of JavaScript engine CVEs with PoCs

Exploit developement

Debugger

• DynamoRIO/drmemory - Memory Debugger for Windows, Linux, Mac, and Android

Porting

• ChrisTheCoolHut/Easy-Pickings - Automatic function exporting and linking for fuzzing cross-architecture binaries

Radare related

• invictus1306/beebug - A tool for checking exploitability

MacOS

• ChiChou/XPCShark - Toy to have fun with XPC

Linux

• PaoloMonti42/salt - SLUB ALlocator Tracer for the Linux kernel
• niklasb/libc-database - Build a database of libc offsets to simplify exploitation
• jollheef/out-of-tree - out-of-tree kernel {module, exploit} development tool - 基于QEMU

Windows

• tandasat/GuardMon - Hypervisor based tool for monitoring system register accesses
• trailofbits/winchecksec - Checksec, but for Windows

Virtual Machines

• xairy/vmware-exploitation - A bunch of links related to VMware escape exploits

101

• raminfp/linux_exploit_development - Linux Exploit Development Techniques

Uncategorized

• Gallopsled/pwntools - CTF framework and exploit development library
• JonathanSalwan/ROPgadget - search your gadgets on your binaries to facilitate your ROP exploitation
• googleprojectzero/symboliclink-testing-tools - This is a small suite of tools to test various symbolic link types of Windows
• nongiach/arm_now - a qemu powered tool that allows instant setup of VM for testing binaries built for different CPU architectures
• WinHeapExplorer/WinHeap-Explorer - WinHeap Explorer repository
• fireeye/flare-kscldr - FLARE Shellcode Loader
• Dynatrace/superdump - A service for automated crash-dump analysis
• j00ru/windows-syscalls - Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10)
• joxeankoret/membugtool - A DBI tool to discover heap memory related bugs
• Boyan-MILANOV/ropgenerator - a tool that helps you building ROP exploits by finding and chaining gadgets together
• ntdiff.github.io - NT Diff