Category: Reverse Engineering
labeless: Labeless is a plugin system for dynamic, seamless and real-time synchronization between IDA Database and debug backend. It consists of two parts: IDA plugin and debug backend’s plugin. Labeless significantly...
exploit_me: Very vulnerable ARM/ARM64 application (CTF style exploitation tutorial for ARM/ARM64, but portable to other platforms). Why: Some of my friends asked me if I could do some examples of...
Shed is an application that allows inspecting the .NET runtime of a program in order to extract useful information. It can be used to inspect malicious applications in order to have...
DIRT: Driver Initial Reconnaissance Tool. Get an initial assessment of drivers installed on a Windows system (e.g. master images developed by OEMs or enterprises). It’s supposed to help with target...
beebug: beebug is a tool that can be used to verify if a program crash could be exploitable. This tool was presented at r2con 2018 in Barcelona. Some implemented functionalities are: Stack overflow...
PINCE: PINCE is a front-end/reverse engineering tool for the GNU Project Debugger (GDB), focused on games. However, it can be used for any reverse-engineering related stuff. PINCE is an abbreviation...
Lighthouse – Code Coverage Explorer for IDA Pro. Overview: Lighthouse is a code coverage plugin for IDA Pro. The plugin leverages IDA as a platform to map, explore, and visualize externally...
Adhrit is an open source Android APK reversing and analysis tool that can help security researchers and CTF enthusiasts alike. The tool is an effort to cut down on the...
HITCON-Training For Linux binary Exploitation Outline Basic Knowledge Introduction Reverse Engineering Static Analysis Dynamic Analysis Exploitation Useful Tool IDA PRO GDB Pwntool lab 1 – sysmagic Section Compile, linking, assembler...
IDArling is a collaborative reverse engineering plugin for IDA Pro and Hex-Rays. It allows synchronizing in real-time the changes made to a database by multiple users, by connecting together different instances of IDA...
GDB ‘exploitable’ plugin: The ‘exploitable’ plugin (exploitable/exploitable.py). ‘exploitable’ is a GDB extension that classifies Linux application bugs by severity. The extension inspects the state of a Linux application that has...
Exploit-Challenges: Here is a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills! These binaries are all built...
Fuzzlyn: Fuzzlyn is a fuzzer which utilizes Roslyn to generate random C# programs. It runs these programs on .NET Core and ensures that they give the same results when compiled...
Triton is a dynamic binary analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a Taint Engine, AST representations of the x86 and the x86-64 instructions...
HeapHopper is a bounded model checking framework for Heap-implementations. HEAPHOPPER’s goal is to evaluate the exploitability of an allocator in the presence of memory corruption vulnerabilities in the application using...