Alternatives and similar repositories for qemu-vm-escape

Users that are interested in qemu-vm-escape are comparing it to the libraries listed below

• k0keoyo / Some-Kernel-Fuzzing-Paper
  Some kernel fuzzing paper about windows and linux
  ☆254Updated 7 years ago
• scwuaptx / LazyFragmentationHeap
  WCTF 2019 challenge
  ☆103Updated 6 years ago
• scwuaptx / CTF
  Some CTF write up
  ☆251Updated 2 weeks ago
• Mipu94 / peda-heap
  Some new commands debug heap for peda
  ☆100Updated 5 months ago
• linhlhq / TinyAFL
  ☆198Updated 2 years ago
• niklasb / hack2win-chrome
  This is collaborative work of Ned Williamson and Niklas Baumstark
  ☆132Updated 6 years ago
• matrix1001 / heapinspect
  🔍Heap analysis tool for CTF pwn.
  ☆222Updated 4 years ago
• wmliang / pe-afl
  ☆249Updated 4 years ago
• CptGibbon / House-of-Corrosion
  A description of the "House of Corrosion" GLIBC heap exploitation technique.
  ☆223Updated 4 years ago
• googleprojectzero / bochspwn
  A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities
  ☆340Updated 6 years ago
• saelo / 35c3ctf
  Source code and exploits for some 35c3ctf challenges.
  ☆142Updated 6 years ago
• PAGalaxyLab / uniFuzzer
  A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer
  ☆342Updated 6 years ago
• anic / ida2pwntools
  a IDA 7.0 plugins that helps to attach process created by pwntools and debug pwn
  ☆72Updated 2 years ago
• fgsect / unicorefuzz
  Fuzzing the Kernel Using Unicornafl and AFL++
  ☆302Updated 2 years ago
• f1yyy / RealWorldCTF
  All virtualization escape challenges and writeups in RealWorldCTF
  ☆89Updated 6 years ago
• googleprojectzero / bochspwn-reloaded
  A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3
  ☆307Updated 6 years ago
• saaramar / 35C3_Modern_Windows_Userspace_Exploitation
  ☆154Updated 6 years ago
• niklasb / 3dpwn
  VirtualBox 3D exploits & PoCs
  ☆161Updated 6 years ago
• allpaca / V8Harvest
  The Harvest of V8 regress.
  ☆137Updated 5 years ago
• romanking98 / House-Of-Roman
  RCE through Leakless HeapFengShui, fastbin alloc anywhere.
  ☆81Updated 6 years ago
• Geluchat / chrome_v8_exploit
  A collection of 1days and solutions to challenges related to v8/chrome I developed
  ☆158Updated 5 years ago
• vngkv123 / aSiagaming
  My Chrome and Safari exploit code + write-up repo
  ☆530Updated 3 years ago
• A-0-E / writeups
  Write-ups from A*0*E.
  ☆197Updated 5 years ago
• shift-crops / EscapeMe
  TokyoWestens CTF 4th 2018 EscapeMe challenge
  ☆89Updated 7 years ago
• mxmssh / drAFL
  AFL + DynamoRIO = fuzzing binaries with no source code on Linux
  ☆248Updated 5 years ago
• angr / phuzzer
  The new phuzzing framework!
  ☆161Updated last year
• SB-GC-Labs / hAFL1
  ☆138Updated 4 years ago
• PaoloMonti42 / salt
  SALT - SLUB ALlocator Tracer for the Linux kernel
  ☆153Updated 7 years ago
• andreafioraldi / angrgdb
  Use angr inside GDB. Create an angr state from the current debugger state.
  ☆200Updated 5 years ago
• StarCross-Tech / heap_exploit_2.31
  ☆225Updated 4 years ago