A collection of curated resources and CVEs I use for research.
☆107Aug 8, 2021Updated 4 years ago
Alternatives and similar repositories for browser-exploitation
Users that are interested in browser-exploitation are comparing it to the libraries listed below
Sorting:
- 2018 Advent Calendar browser pwnables☆15Feb 14, 2019Updated 7 years ago
- An updated collection of resources targeting browser-exploitation.☆828Mar 8, 2021Updated 4 years ago
- Full chain Chrome 71.0.3578.98 exploit☆22Jul 18, 2021Updated 4 years ago
- My Chrome and Safari exploit code + write-up repo☆531Nov 5, 2021Updated 4 years ago
- Security issues I've reported in Edge☆47Oct 19, 2022Updated 3 years ago
- ☆36Jun 14, 2021Updated 4 years ago
- A collection of 1days and solutions to challenges related to v8/chrome I developed☆162Oct 28, 2019Updated 6 years ago
- Exploit for a bug in TurboFan's typing of JSCall nodes for builtins kStringLastIndexOf and kStringIndexOf☆60Apr 25, 2019Updated 6 years ago
- JavaScript Fuzzing framework for v8☆144Jan 24, 2022Updated 4 years ago
- Include CVE vulnerability analyze, ctf pwn and documents for Browser-pwn☆189Dec 25, 2020Updated 5 years ago
- ☆146Aug 17, 2022Updated 3 years ago
- My journey through WebKit CVE-2016-4622 Exploitation process☆23Jul 29, 2025Updated 7 months ago
- ☆19Jan 31, 2023Updated 3 years ago
- Collection of browser challenges☆140May 3, 2021Updated 4 years ago
- ☆41Jan 26, 2024Updated 2 years ago
- Files for the "v9" challenge of 34C3 CTF. See the greeting message in server.go for more information about the challenge☆91Feb 14, 2019Updated 7 years ago
- Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018☆180Feb 7, 2024Updated 2 years ago
- A Collection of Chrome Sandbox Escape POCs/Exploits for learning☆860Jun 4, 2020Updated 5 years ago
- awesome list of browser exploitation tutorials☆2,267Sep 18, 2023Updated 2 years ago
- Quarantine bypass and RCE vulnerability in Sketch (proof-of-concept)☆13Nov 22, 2021Updated 4 years ago
- Exploit for the [pwn] just-in-time challenge from google ctf 2018's finals (TurboFan bug)☆61Jan 26, 2019Updated 7 years ago
- PoC exploit for CVE-2016-4622☆109Sep 18, 2023Updated 2 years ago
- ☆105Dec 9, 2019Updated 6 years ago
- ☆51Jul 20, 2020Updated 5 years ago
- A proper well structured documentation for getting started with chrome pwning & v8 pwning☆202Jul 27, 2022Updated 3 years ago
- Corpus of public v8 vulnerability PoCs.☆224Jun 5, 2021Updated 4 years ago
- Repo for talk slides & materials☆21Nov 22, 2024Updated last year
- Vulnerability research notes for VirtualBox and QEMU. Contains debug environment setup notes, a PoC template, exploit primitive notes, an…☆199Mar 14, 2024Updated last year
- Fuzzing JavaScript Engines with Aspect-preserving Mutation☆230Oct 18, 2023Updated 2 years ago
- ☆30Jul 18, 2025Updated 7 months ago
- Various debugging tools such as %DumpObjects for v8☆56Jan 23, 2019Updated 7 years ago
- ☆13Dec 14, 2021Updated 4 years ago
- A fast binary coverage measurement tool based on AFL's Qemu mode☆34Jun 6, 2021Updated 4 years ago
- Browser exploitation v8 and sandbox escape challenges with solutions.☆31May 10, 2022Updated 3 years ago
- Research related☆89Apr 5, 2022Updated 3 years ago
- ☆14Jun 21, 2020Updated 5 years ago
- Webkit Browser Exploitation Framework written in Javascript☆11Mar 3, 2019Updated 7 years ago
- ☆81Nov 17, 2022Updated 3 years ago
- A framework for static analysis of ROP exploits and programs☆41May 13, 2019Updated 6 years ago