Alternatives and similar repositories for qemu-vm-escape:

Users that are interested in qemu-vm-escape are comparing it to the libraries listed below

• matrix1001 / heapinspect
  🔍Heap analysis tool for CTF pwn.
  ☆221Updated 3 years ago
• googleprojectzero / bochspwn
  A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities
  ☆334Updated 5 years ago
• linhlhq / TinyAFL
  ☆197Updated 2 years ago
• niklasb / hack2win-chrome
  This is collaborative work of Ned Williamson and Niklas Baumstark
  ☆132Updated 5 years ago
• scwuaptx / CTF
  Some CTF write up
  ☆245Updated 3 years ago
• CptGibbon / House-of-Corrosion
  A description of the "House of Corrosion" GLIBC heap exploitation technique.
  ☆222Updated 4 years ago
• str8outtaheap / heapwn
  Linux Heap Exploitation Practice
  ☆379Updated 6 years ago
• Mipu94 / peda-heap
  Some new commands debug heap for peda
  ☆99Updated 5 years ago
• googleprojectzero / bochspwn-reloaded
  A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3
  ☆301Updated 6 years ago
• PAGalaxyLab / uniFuzzer
  A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer
  ☆343Updated 5 years ago
• david942j / ctf-writeups
  Collection of scripts and writeups
  ☆320Updated 3 years ago
• k0keoyo / Some-Kernel-Fuzzing-Paper
  Some kernel fuzzing paper about windows and linux
  ☆254Updated 7 years ago
• SB-GC-Labs / hAFL1
  ☆136Updated 3 years ago
• fgsect / unicorefuzz
  Fuzzing the Kernel Using Unicornafl and AFL++
  ☆299Updated 2 years ago
• scwuaptx / LazyFragmentationHeap
  WCTF 2019 challenge
  ☆99Updated 5 years ago
• mxmssh / drAFL
  AFL + DynamoRIO = fuzzing binaries with no source code on Linux
  ☆246Updated 5 years ago
• ret2p4nda / kernel-pwn
  ☆171Updated 5 years ago
• niklasb / 3dpwn
  VirtualBox 3D exploits & PoCs
  ☆160Updated 6 years ago
• googleprojectzero / DrSancov
  DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables
  ☆206Updated 3 years ago
• A-0-E / writeups
  Write-ups from A*0*E.
  ☆197Updated 4 years ago
• PaoloMonti42 / salt
  SALT - SLUB ALlocator Tracer for the Linux kernel
  ☆150Updated 6 years ago
• wmliang / pe-afl
  ☆245Updated 4 years ago
• StarCross-Tech / heap_exploit_2.31
  ☆222Updated 4 years ago
• andreafioraldi / angrgdb
  Use angr inside GDB. Create an angr state from the current debugger state.
  ☆198Updated 4 years ago
• vngkv123 / aSiagaming
  My Chrome and Safari exploit code + write-up repo
  ☆528Updated 3 years ago
• anic / ida2pwntools
  a IDA 7.0 plugins that helps to attach process created by pwntools and debug pwn
  ☆70Updated 2 years ago
• ucsb-seclab / difuze
  Fuzzer for Linux Kernel Drivers
  ☆377Updated 2 years ago
• saaramar / 35C3_Modern_Windows_Userspace_Exploitation
  ☆153Updated 6 years ago
• a13xp0p0v / kernel-hack-drill
  Linux kernel exploitation experiments
  ☆199Updated 2 weeks ago
• Zon8Research / v8-vulnerabilities
  Corpus of public v8 vulnerability PoCs.
  ☆211Updated 3 years ago