Dmytro Oleksiuk

Elite
@Cr4sh

๐Ÿ˜ˆ zero-fucks-given infosec research | info: ๐Ÿ”— keybase.io/d_olex

s6_pcie_microblaze. PCI Express DIY hacking toolkit for Xilinx SP605. This repository is also home of Hyper-V Backdoor and Boot Backdoor, check readme for links and info

876

ThinkPwn. Started as arbitrary System Management Mode code execution exploit for Lenovo ThinkPad model line, ended as exploit for industry-wide 0day vulnerability in machines of many vendors

707

SmmBackdoor. First open source and publicly available System Management Mode backdoor for UEFI based platforms. Good as general purpose playground for various SMM experiments.

626

MicroBackdoor. Small and convenient C2 tool for Windows targets

615

KernelForge. A library to develop kernel level Windows payloads for post HVCI era

517

openreil. Open source library that implements translator and tools for REIL (Reverse Engineering Intermediate Language)

511

WindowsRegistryRootkit. Kernel rootkit, that lives inside the Windows registry values data

507

SmmBackdoorNg. Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks

374

fwexpl. PC firmware exploitation tool and library

262

PeiBackdoor. PEI stage backdoor for UEFI compatible firmware

229

ioctlfuzzer. Automatically exported from code.google.com/p/ioctlfuzzer

175

UEFI_boot_script_expl. CHIPSEC module that exploits UEFI boot script table vulnerability

138

pico_dma. Autonomous pre-boot DMA attack hardware implant for M.2 slot based on PicoEVB development board

103

DrvHide-PoC. Hidden kernel mode code execution for bypassing modern anti-rootkits.

84

smram_parse. System Management RAM analysis tool

83

PTBypass-PoC. Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.

80

IDA-VMware-GDB. Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub

79

Aptiocalypsis. Arbitrary SMM code execution exploit for industry-wide 0day vulnerability in AMI Aptio based firmwares

78

qc_debug_monitor. Debug messages monitor for Qualcomm cellular modems

75

zc_pcie_dma. DMA attacks over PCI Express based on Xilinx Zynq-7000 series SoC

73

Code-coverage-analysis-tools. Code coverage analysis tools for the PIN Toolkit

60

secretnet_expl. LPE exploits for Secret Net and Secret Net Studio

54

MsFontsFuzz. OpenType font file format fuzzer for Windows

53

DbgCb. Engine for communication with remote kernel debugger (KD, WinDbg) from drivers and applications

37

SimpleUnpacker. Simple tool for unpacking packed/protected malware executables.

32

prl_guest_to_host. Guest to host VM escape exploit for Parallels Desktop

28

IDA-UbiGraph. IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph

25

efiXplorer. IDA plugin for UEFI firmware analysis and reverse engineering automation

15

r0ak. r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems

11

vmlinux-to-elf. A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)

5

capstone. Capstone disassembly/disassembler framework: Core (Arm, Arm64, Mips, PPC, Sparc, SystemZ, X86, X86_64, XCore) + bindings (Python, Java, Ocaml)

5

blog. Stuff for blog.cr4.sh website

5

masscan. TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

5

PowerShell-Suite. My musings with PowerShell

3

portage. Portage Package Manager - this is just a mirror, see https://wiki.gentoo.org/wiki/Project:Portage#Contributing_to_Portage

2

chipsec. Platform Security Assessment Framework

2
36
Apply