bcoles / kasldLinks
Kernel Address Space Layout Derandomization (KASLD) - A collection of various techniques to infer the Linux kernel base virtual address as an unprivileged local user, for the purpose of bypassing Kernel Address Space Layout Randomization (KASLR).
☆450Updated last year
Alternatives and similar repositories for kasld
Users that are interested in kasld are comparing it to the libraries listed below
Sorting:
- Kernel development & exploitation practice environment.☆233Updated last year
- Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL☆473Updated last year
- repository for kernel exploit practice☆406Updated 5 years ago
- Linux kernel exploitation experiments☆282Updated 3 weeks ago
- helps visualize heap operations for pwn and debugging☆323Updated 2 years ago
- A fuzzer for full VM kernel/driver targets☆733Updated last month
- A blazing fast™ multithreaded ROP Gadget finder. ropper / ropgadget alternative (currently x86 only)☆523Updated 2 months ago
- ☆164Updated 7 months ago
- ☆184Updated 6 months ago
- radius2 is a fast binary emulation and symbolic execution framework using radare2☆615Updated 8 months ago
- kernel-pwn and writeup collection☆644Updated last year
- ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together☆386Updated 2 years ago
- This Repository aims at giving a basic idea about Kernel Exploitation.☆521Updated last year
- Winnie makes fuzzing Windows applications easy☆562Updated 2 years ago
- Windows Pwnable Study☆372Updated 2 months ago
- ☆443Updated 10 months ago
- ☆326Updated last year
- Use angr in Ghidra☆604Updated last year
- GEF - GDB Enhanced Features for exploit devs & reversers☆523Updated this week
- A curated list of Hyper-V exploitation resources, fuzzing and vulnerability research.☆423Updated 4 months ago
- AFL binary instrumentation☆299Updated 7 months ago
- Vulnerability research notes for VirtualBox and QEMU. Contains debug environment setup notes, a PoC template, exploit primitive notes, an…☆190Updated last year
- Extra goodies for GEF to (try to) make GDB suck even less☆168Updated 5 months ago
- ☆256Updated 2 years ago
- Split information output of pwndbg output☆204Updated last year
- ☆182Updated last year
- A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS☆307Updated last week
- A Binary Ninja plugin for vulnerability research.☆296Updated 11 months ago
- A collection of pwn/CTF related utilities for Ghidra☆688Updated 11 months ago
- Snapshot-based coverage-guided windows kernel fuzzer☆320Updated 3 years ago