anamnesis-release. Automatic Exploit Generation with LLMs
624o3_finds_cve-2025-37899. Artefacts for blog post on finding CVE-2025-37899 with o3
354HeapLayout. Source code for paper 'Automatic Heap Layout Manipulation for Exploitation'
101funserialize. Scripts and auxiliary files for fuzzing PHP's unserialize function
45Malamute. Malamute is a fuzzing toolkit initially developed to aid with regression-test based fuzzing of language interpreters
28InterParser. A collection of scripts based on libclang for extracting API information from interpreters
24claude_opus_cve_2023_0266. Demo showing Claude Opus does not find CVE-2023-0266
17AliasExamples. CodeQL
4ShapeShifter. An heap allocator that allows a particular layout to be selected
4Entomology. Bugs! Both security relevant and otherwise.
4BitVectorDemos. Some small demo scripts for SMTLIB and Z3 basics
4otel-profiling-agent. The production-scale datacenter profiler
4DotFiles. Files for initialising my environment on OS X and Linux
3ksmbd-vuln-research. A report on my ongoing vulnerability research on ksmbd
2Arjun. HTTP parameter discovery suite.
2sysgrok. LLM-driven assistant for analyzing, understanding and optimizing systems
2superopt. A superoptimizing compiler for packet-processing
2xdev-buildroot. Makefile
2amass. In-depth attack surface mapping and asset discovery
1ctf-archives. CTF Archives: Collection of CTF Challenges.
1puredns. Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
1fuzztruction-net. Rust
1google_benchmark_plot. A handy script to visualize google benchmark output
1PerfBinaryStaticAnalysis. Experimental scripts for detection of potential performance issues in binaries
1AdventOfCode. https://adventofcode.com/
1pedantrs. A Rust linter, purely for educational purposes
1ebpf-blade. Program slicer for eBPF
1ParaDySE. C
1