Austin, TX

Joshua J. Drake

Elite
@jduck

Securing the future through modern technology.

asus-cmd. ASUS Router infosvr UDP Broadcast root Command Execution

252

cve-2015-1538-1. An exploit for CVE-2015-1538-1 - Google Stagefright ‘stsc’ MP4 Atom Integer Overflow Remote Code Execution

204

android-cluster-toolkit. The Android Cluster Toolkit helps organize and manipulate a collection of Android devices.

110

lk-reducer. Linux Kernel Source Tree Reducer

81

challack. Proof-of-concept exploit code for CVE-2016-5696

76

canhazaxs. A tool for enumerating the access to entries in the file system of an Android device.

66

privmap. A tool for enumerating the effective privileges of processes on an Android device.

53

VulnWebView. Java

44

addjsif. Metasploit Exploit Module for the Android addJavascriptInterface Issue (MITM)

36

file-dissect. File Dissect is a cross-platform framework and UI for analyzing various file formats. It is based on wxWidgets since it provides a native feel regardless of base OS.

21

rootadb. restart adbd with root privileges

11

harry_potter. Write-up and such for the 2014 Plaid CTF harry_potter exploitation challenge

10

CVE-2015-3636-fi01. PoC code for 32 bit Android OS

8

metasploit-payloads. Unified repository for different Metasploit Framework payloads

5

socks_scan. Unoriginally named SOCKS proxy scanner from the days of old (2002)

5

drozer. D

5

jfap. A simple 802.11 fake access point that supports open auth

5

bs25-slides. Slides from "Musing from Decades of Linux Kernel Security Research" at BOOTSTRAP25

4

radare2. unix-like reverse engineering framework and commandline tools

4

csw-slides-2024. Slides for Developing Secure Software in 2024 at CanSecWest

4

bap. Binary Analysis Platform

4

nsc. A netcat clone using libnsock

4

idarub. Ruby plugin for IDAPro

4

nsock. Ninja Socket Library

4

rp. rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries. It is open-source and has been tested on several OS: Debian / Windows 8.1 / Mac OSX Lion (10.7.3). Moreover, it is x64 compatible and supports Intel syntax. Standalone executables can also be directly downloaded.

3

metasploit-framework. Fork of Metasploit Framework

3

openbts. GSM+GPRS Radio Access Network Node

3

doar-e.github.io. Diary of a reverse-engineer

3

capstone. Capstone disassembly/disassembler framework: Core (Arm, Arm64, Mips, PPC, Sparc, SystemZ, X86, X86_64, XCore) + bindings (Python, Java, Ocaml)

2

mettle. Fork of Rapid7's mettle payload

2

sf_lvars. Superfluous local variable Hex-Rays de-compiler plugin (from 2009)

2

chrome-bookmark-del-fix. A tool to patch Chrome's resources.pak to fix an annoying bug in the bookmark manager

2

radare2-regressions. Regression Tests for the Radare2 Reverse Engineer's Debugger

2

androiddevice.info. Android app collecting device information and submiting it to www.androiddevice.info

2

theos. Unified cross-platform iPhone Makefile system

2

jduck.github.com. Personal site

2

ddi. ddi - Dynamic Dalvik Instrumentation Toolkit

2

libircii. A C library for parsing IrcII protocol

2

cve-2014-0521.

2

insomnihack-2015-teaser. My challenge solutions for Insomni'Hack Teaser 2015

2

truecrypt-archive. Archive of older truecrypt releases

1

yez. A tiny raw-irc program using libnsock/libircii

1

ELFIO. ELFIO - ELF (Executable and Linkable Format) reader and producer implemented as a header only C++ library

1

vixr. A (new&improved) Ruby Bridge to the VMware VIX API

1

KUNAI-static-analyzer. Tool aimed to provide a binary analysis of different file formats through the use of an Intermmediate Representation.

1
45
Apply