0xcl / clang-cfi-bypass-techniquesView external linksLinks
Exploitation techniques to bypass Clang CFI when applied to Chromium
☆114Mar 5, 2018Updated 7 years ago
Alternatives and similar repositories for clang-cfi-bypass-techniques
Users that are interested in clang-cfi-bypass-techniques are comparing it to the libraries listed below
Sorting:
- This is the Pwn2Own 2017 Safari backup vul's exploit.☆116Mar 25, 2019Updated 6 years ago
- Code and slides for Zer0Con 2018 talk: Building a 1-day Exploit for Google Chrome☆156Apr 1, 2018Updated 7 years ago
- GDB plugin to dump SECCOMP rules set via prctnl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER)☆22Mar 13, 2016Updated 9 years ago
- Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels☆590Jan 10, 2019Updated 7 years ago
- keynote I gave at GreHack 2019☆19Nov 17, 2019Updated 6 years ago
- ☆386Oct 28, 2019Updated 6 years ago
- ☆17May 13, 2019Updated 6 years ago
- A clang analyzer checker that looks for kernel uninitialized memory disclosures to userland.☆58Jan 5, 2019Updated 7 years ago
- Source code and exploits for some 35c3ctf challenges.☆143Dec 30, 2018Updated 7 years ago
- ☆95Apr 2, 2019Updated 6 years ago
- VirtualBox 3D exploits & PoCs☆162Jan 24, 2019Updated 7 years ago
- Materials from Fuzzing Bay Area meetups☆68Dec 20, 2019Updated 6 years ago
- Clang instrumentation module for tracing variable and buffer comparisons in C/C++ and saving the coverage data to .sancov files☆202Mar 14, 2019Updated 6 years ago
- Seeding fuzzers with symbolic execution☆203Oct 20, 2017Updated 8 years ago
- A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3☆310Feb 24, 2019Updated 6 years ago
- Fuzzer for Linux Kernel Drivers☆384Apr 30, 2022Updated 3 years ago
- My Chrome and Safari exploit code + write-up repo☆531Nov 5, 2021Updated 4 years ago
- Linux kASLR (Intel TSX/RTM) bypass static library☆77Oct 15, 2017Updated 8 years ago
- Implementation of G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries☆96Aug 22, 2018Updated 7 years ago
- A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer☆344Aug 23, 2019Updated 6 years ago
- This is collaborative work of Ned Williamson and Niklas Baumstark☆132Jul 20, 2019Updated 6 years ago
- Webkit JavascriptCore Array unshift function had a race condition, it leads to RCE.☆44Dec 5, 2023Updated 2 years ago
- A demo project for AFL with QEMU Augmented Instrumentation (qai)☆44Nov 22, 2016Updated 9 years ago
- DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables☆215Sep 17, 2021Updated 4 years ago
- Chakra vulnerability and exploit bypass all system mitigation☆82Jun 9, 2018Updated 7 years ago
- Hardcore corruption of my execve() vulnerability in WSL☆217Feb 2, 2018Updated 8 years ago
- A list of my CVE's with POCs☆680Dec 15, 2020Updated 5 years ago
- Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018☆180Feb 7, 2024Updated 2 years ago
- A Javascript library for browser exploitation☆894Feb 12, 2019Updated 7 years ago
- Fuzzing the Kernel Using Unicornafl and AFL++☆305Jan 2, 2023Updated 3 years ago
- Unstripped iOS Kernels☆219Feb 11, 2020Updated 6 years ago
- A tool for debugging macOS virtual machines☆113Jul 28, 2020Updated 5 years ago
- Some kernel fuzzing paper about windows and linux☆255Oct 9, 2017Updated 8 years ago
- ☆91Jul 31, 2019Updated 6 years ago
- AFL/QEMU fuzzing with full-system emulation.☆640Sep 9, 2018Updated 7 years ago
- Have fun with the LowFragmentationHeap☆253Feb 3, 2021Updated 5 years ago
- Some kernel exploits☆146Nov 7, 2017Updated 8 years ago
- Proof-of-Concept exploit for jscript9 bug (MS16-063)☆50Jun 27, 2016Updated 9 years ago
- exploit development☆49Mar 14, 2018Updated 7 years ago