felixwilhelm / mario_baslr
PoC for breaking hypervisor ASLR using branch target buffer collisions
☆166Updated 8 years ago
Alternatives and similar repositories for mario_baslr:
Users that are interested in mario_baslr are comparing it to the libraries listed below
- An open source, multi-architecture ROP compiler written in python☆161Updated 7 years ago
- Library for creating CTF services.☆74Updated 8 years ago
- Small tool for generating ropchains using unicorn and z3☆198Updated 7 years ago
- Automated Return-Oriented Programming Chaining☆84Updated 8 years ago
- A program to draw rectangles from heap traces.☆133Updated 5 years ago
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization☆144Updated 8 years ago
- High-throughput fuzzer and emulator of DECREE binaries☆242Updated 5 years ago
- aflpin enables afl to fuzz blackbox binaries using a pin tool to trace execution branches.☆171Updated 10 years ago
- Synesthesia, implemented as Yices scripts☆94Updated 7 years ago
- Implementation of G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries☆95Updated 6 years ago
- Short, unrelated helper scripts for users of AFL (the fuzzer)☆111Updated 8 years ago
- ☆63Updated 9 years ago
- ☆236Updated 6 years ago
- ☆75Updated 10 months ago
- Notes on various topics I'm interested in☆158Updated 9 years ago
- GATEKEEPER: Inline and on-target defense☆119Updated 2 years ago
- ☆105Updated 10 years ago
- Nosy Newt is a simple concolic execution tool for exploring the input space of a binary executable program based in Triton☆61Updated 7 years ago
- Routines for hunting down kernel symbols.☆82Updated 14 years ago
- De Mysteriis Dom jemalloc☆65Updated 7 years ago
- Semantic Binary Code Analysis Framework☆125Updated 9 years ago
- A tool dedicated to the research of vulnerabilities in hypervisors by creating unusual system configurations.☆185Updated 2 years ago
- ☆159Updated 10 years ago
- Symbolic Execution Tool in r2☆104Updated 3 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆133Updated 9 years ago
- American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries☆187Updated 3 years ago
- A linux system call fuzzer using TriforceAFL☆176Updated last year
- Slides and very basic examples☆111Updated 7 years ago
- A clone (of the basic core) of AFL fuzzer☆74Updated 9 years ago
- ☆162Updated 8 years ago