drtychai / browser-exploitation
A collection of curated resources and CVEs I use for research.
☆102Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for browser-exploitation
- A collection of browser exploitation codes from Singular Security Lab.☆181Updated last year
- A proper well structured documentation for getting started with chrome pwning & v8 pwning☆188Updated 2 years ago
- harness for fuzzing with winafl. both public and my own which i have released.☆52Updated 3 years ago
- ☆21Updated 4 years ago
- ☆152Updated 5 years ago
- Fuzzing harnesses, corpora, scripts, and target-specific notes for fuzzing IrfanView☆23Updated 3 years ago
- An awesome list for Effective and Powerful harnesses for fuzzing using libfuzzer - fuzzers by Google☆73Updated 4 years ago
- JavaScript Fuzzing framework for v8☆133Updated 2 years ago
- A multi-platform fuzzer for poking at userland binaries, network clients and servers☆67Updated last month
- My conference presentations and Materials for them.☆32Updated 2 years ago
- A DOM fuzzer☆143Updated 2 years ago
- ☆113Updated 7 months ago
- Corpus of public v8 vulnerability PoCs.☆209Updated 3 years ago
- Exploit for a bug in TurboFan's typing of JSCall nodes for builtins kStringLastIndexOf and kStringIndexOf☆60Updated 5 years ago
- Banana Fuzzer ~ modulable, loop based, poc gen, code cov, platform agnostic, race oriented☆59Updated 2 years ago
- Windows Graphics Device Interface (GDI+) fuzzer☆126Updated 4 years ago
- qemu vulnerablity.☆51Updated 3 years ago
- Old and new CTFs about Linux kernel exploitation.☆50Updated 2 years ago
- Vulnerability research notes for VirtualBox and QEMU. Contains debug environment setup notes, a PoC template, exploit primitive notes, an…☆181Updated 7 months ago
- A collection of web browser CTF challenges and solutions.☆25Updated last year
- Code execution via corrupting mmap malloc chunks with ASLR bypass☆38Updated 2 years ago
- Fuzzing library written in/for python.☆84Updated 4 years ago
- Exploit for the [pwn] just-in-time challenge from google ctf 2018's finals (TurboFan bug)☆61Updated 5 years ago
- Automatic ROPChain Generation☆280Updated 4 years ago
- Research related☆89Updated 2 years ago
- Web user interface and service agent for the monitoring and remote management of WinAFL.☆50Updated 10 months ago
- Repository of the findings found by wtf when fuzzing IDA75.☆86Updated 3 years ago
- "Pwntools does not support Windows. Use a real OS ;)" — Zach Riggle, 2015☆79Updated 5 years ago
- Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CV…☆178Updated 2 years ago