Ring0

crazy hugsy

Elite
@hugsy

Exploit Dev & OffSec Tool Dev

gef. GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

8.3k

cemu. Cheap EMUlator: lightweight multi-architecture assembly playground

1k

defcon_27_windbg_workshop. DEFCON 27 workshop - Modern Debugging with WinDbg Preview

748

gdb-static. Public repository of statically compiled GDB and GDBServer

396

CFB. CFB is a ProcMon-style tool designed to assist capturing IRPs sent to Windows drivers.

333

windbg_js_scripts. Toy scripts for playing with WinDbg JS API

243

stuff. Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest

228

proxenet. The ONLY hacker friendly proxy for webapp pentests.

223

gef-extras. Extra goodies for GEF to (try to) make GDB suck even less

181

pwn--. pwn++ is a Windows & Linux library oriented for exploit dev but mostly used to play with modern C++ features

174

binja-retdec. Binary Ninja plugin to decompile binaries using RetDec API

166

ctfhub. Where CTFs happen

81

recon_2024_windbg_workshop. JavaScript

74

binja-headless. Binja (sort of) headless

72

gef-binja. Interface GDB-GEF with Binary Ninja

57

jdwp-shellifier. Python

49

codebro. Web based code browser using clang to provide basic code analysis.

47

modern.ie-vagrant. Modern.ie for Vagrant

42

bochscpu-python. Python bindings for BochsCPU

39

ida-headless. IDA (sort of) headless

28

modern. A tool to unify the command line of Windows/Linux/MacOS using modern Rust tools

25

modern-cpp-windows-driver-template. Windows driver template, using C++20 & cmake & GithubActions

25

shared-kernel-user-section-driver. Experiment to use sections as User/Kernelmode comm vector

22

ropgadget-rs. Another (bad) ROP gadget finder, but this time in Rust

22

gef-legacy. Legacy version of GEF running for GDB+Python2

19

hevd. Public repository for HEVD exploits

19

sstoper. SSTP VPN client for Linux

19

proxenet-plugins. Repository for proxenet plugins

14

bakassabl. Cheap Linux sandboxer based on seccomp

8

pywii. PyWii is a tool to help you control your PC from your Wiimote using Bluetooth.

8

gef-docker. Ready to use Docker environment for GEF (used for https://demo.gef.blah.cat gef/gef-demo)

8

dji-joe. DJI Phantom3 takeover framework

6

socat-rs. A port forwarder for Windows written in 10min. Don't expect much from it...

6

systeminformer. A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com

6

modern-cpp-template. A template repository for my C++ projects, with docs and CI

5

twisted-honeypots. SSH, FTP and Telnet honeypots based on Twisted

4

gef-structs. Open repositories of custom structures for GDB Enhanced Features (GEF)

4

dji-jane. DJI Phantom3 detection tool - server part of DJI-Joe

2

dufe. Dummy Universal Fuzzer Ever

2

CFB-cli. Command line tools for CFB

2

hugsy.

2

TransitionalPeriod. Experiment on producing Ring 0 to Ring 3 transition shellcode in C for x64 / x86. Uses PsSetContextThread() to direct execution. Interrupt Request Level ( IRQL ) Migration From DISPATCH_LEVEL to PASSIVE_LEVEL is done via Work Items

2

pwn--template. Kickstart C++ exploits with pwn++, with auto-build by GithubActions

1

winspy. WinSpy++

1

Windows-Server-2003. This is the leaked source code of Windows Server 2003

1

sweetmon2. 'SWEETMON2' is a fuzzer monitoring service based Python3 + Django2. User can manage their fuzzers and crashes on the web. It can reduce repetitive work for fuzz testers.

1

Win10-LPE. The Windows 10 LPE exploit written by SandboxEscaper

1

FindWDK. CMake module for building drivers with Windows Development Kit (WDK)

1

Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC. Windows_OS_Internals_Curriculum_Resource_Kit-ACADEMIC

1

winipt. The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by Windows 10 Redstone 5 (1809), through a set of libraries and a command-line tool.

1
50
Apply