3 repositorios
Utilities for identifying and chaining gadgets to bypass memory protections.
Distinct from Protection Bypassers: None of the candidates address ROP chain construction; this is a core binary exploitation capability.
Explore 3 awesome GitHub repositories matching security & cryptography · Return Oriented Programming Tools. Refine with filters or upvote what's useful.
Pwntools is a Python-based framework designed for rapid prototyping and automation in binary exploitation, reverse engineering, and security research. It serves as a comprehensive toolkit for interacting with local and remote processes, providing the primitives necessary to manage complex exploit workflows and streamline security analysis tasks. The framework distinguishes itself through its specialized capabilities for binary manipulation and automated exploit construction. It includes dedicated utilities for parsing executable file formats, assembling and disassembling machine code, and gen
Analyze binary files to identify gadgets and automatically construct functional exploit chains that bypass security protections like non-executable memory.
pwndbg is a GDB plugin and binary analysis framework designed for reverse engineering, exploit development, and low-level program analysis. It extends the core functionality of the debugger to provide advanced memory inspection and automation tools. The project distinguishes itself with specialized capabilities for heap analysis across glibc, jemalloc, and musl, as well as a comprehensive kernel debugging toolkit for inspecting Linux kernel tasks and slab allocators. It includes an integrated ROP gadget searcher for constructing exploit chains and an LLM-powered debugging assistant that provi
Searches binaries for return-oriented programming gadgets to facilitate the construction of exploit chains.
ROPgadget es una herramienta de análisis binario y desensamblador multiarquitectura diseñado para localizar secuencias de instrucciones utilizadas para la programación orientada al retorno (ROP). Funciona como un framework de desarrollo de exploits que identifica gadgets dentro de binarios para facilitar la creación de exploits de corrupción de memoria. La herramienta admite auditoría binaria cross-architecture, procesando código máquina de x86, ARM, MIPS y RISC-V. Proporciona una interfaz unificada para analizar diversos formatos de archivos ejecutables, incluyendo ELF, PE y Mach-O. Sus capacidades cubren el análisis de vulnerabilidades binarias y el desarrollo de payloads de exploit. Esto se logra mediante desensamblado de barrido lineal, búsqueda de gadgets basada en patrones y validación de secuencias de instrucciones para asegurar que los fragmentos identificados sean ejecutables.
Identifies and extracts instructional sequences in binaries to enable the construction of ROP-based exploits.