Starred repositories
UNIX-like reverse engineering framework and command-line toolset
A native, user-mode, multi-process, graphical debugger.
Code from various chapters in OSTEP (http://www.ostep.org)
A self-contained cryptographic library for Python
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
Easy-to-use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
My proof-of-concept exploits for the Linux kernel
A dump repository of my dotfiles since the first time I learned ricing. So everything is really messy here.
Clean, portable, tested implementations of post-quantum cryptography
Kernel Address Space Layout Derandomization (KASLD) - A collection of various techniques to infer the Linux kernel base virtual address as an unprivileged local user, for the purpose of bypassing K…
Dynamic Memory Management for Serving LLMs without PagedAttention
The first analysis framework for CPU microcode
Exploit for CVE-2022-29582 targeting Google's Kernel CTF
Simplified Assembly Loader - a small tool to run (headerless) machine code.
Code execution via corrupting mmap malloc chunks with ASLR bypass
ASLREKT is a proof of concept for an unfixed generic local ASLR bypass in Linux.