RetSpill: Igniting User-Controlled Data to Burn Away Linux Kernel Protections
☆69Nov 13, 2025Updated 3 months ago
Alternatives and similar repositories for RetSpill
Users that are interested in RetSpill are comparing it to the libraries listed below
Sorting:
- Playing for {K (H) eaps}: Understanding and Improving Linux Kernel Exploit Reliability☆91May 12, 2022Updated 3 years ago
- ☆26May 10, 2021Updated 4 years ago
- A fast and powerful gadget finder and ROP chain generator. A research prototype for the ropbot paper accepted at NDSS'26.☆40Jan 22, 2026Updated last month
- GDB plug-in that helps exploiting the Linux kernel's SLUB allocator☆97Mar 29, 2023Updated 2 years ago
- Linux kernel privilege escalation techniques☆152Aug 9, 2024Updated last year
- ☆34Apr 14, 2025Updated 10 months ago
- ☆16Aug 19, 2024Updated last year
- The companion repository for the 39C3 talk: Build a Fake Phone, Find Real Bugs: Qualcomm GPU Emulation and Fuzzing with LibAFL QEMU☆36Feb 4, 2026Updated 3 weeks ago
- Binary Exploitation Skill. Gain RCE from arbitrary write.☆244Dec 23, 2024Updated last year
- Attachment and official writeup for D^3CTF 2025's Pwn challenge - d3kheap2☆16Jul 2, 2025Updated 7 months ago
- ☆35Feb 4, 2026Updated 3 weeks ago
- LPE PoC of a vulnerability in the io_uring subsystem of the Linux Kernel.☆91Nov 23, 2023Updated 2 years ago
- PeTAL: Ensuring Access Control Integrity against Data-only Attacks on Linux (ACM CCS 2024)☆16Nov 4, 2024Updated last year
- SALT - SLUB ALlocator Tracer for the Linux kernel☆156Sep 10, 2018Updated 7 years ago
- Research developed by Allele Security Intelligence.☆17Jul 21, 2025Updated 7 months ago
- All challenges and writups of the GlacierCTF 2023☆16Feb 15, 2024Updated 2 years ago
- study https://github.com/n132/Libc-GOT-Hijacking☆15Dec 7, 2023Updated 2 years ago
- ☆13Dec 14, 2021Updated 4 years ago
- An XNU kernel race condition bug☆47Jan 30, 2025Updated last year
- Chrome Renderer 1day RCE via Type Confusion in Async Stack Trace (v8ctf submission)☆87Jun 3, 2024Updated last year
- My browser pwn collections. Mainly JavaScript engine stuff.☆33Jan 27, 2025Updated last year
- uacatcher open source repo☆22Jul 22, 2023Updated 2 years ago
- ☆189Feb 8, 2025Updated last year
- Analysis of the vulnerability☆50Jan 23, 2024Updated 2 years ago
- Find command injection and format string bugs in binaries☆17Feb 2, 2024Updated 2 years ago
- Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities☆91May 7, 2024Updated last year
- Exploit for Real World CTF 6th RIPTC.☆33Jan 31, 2024Updated 2 years ago
- A WIP cheat sheet for various linux kernel heap exploitation techniques (and privilige escalations).☆106Jan 13, 2026Updated last month
- kernel-pwn and writeup collection☆698Oct 2, 2023Updated 2 years ago
- ☆106Aug 9, 2024Updated last year
- A in-the-wild V8 type confusion bug.☆29Aug 8, 2025Updated 6 months ago
- PoC of fuzzing closed-source userspace binaries with KVM☆167May 4, 2024Updated last year
- SyzScope is a research project that aims to reveal high-risk security bugs on Syzbot. Learn more details in our paper.☆84Jan 20, 2025Updated last year
- ☆81Sep 7, 2023Updated 2 years ago
- SyzBridge is a research project that adapts Linux upstream PoCs to downstream distributions. It provides rich interfaces that allow you t…☆39Nov 26, 2024Updated last year
- Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your enviro…☆1,278Jan 29, 2026Updated 3 weeks ago
- A tool combining DWARF info and source to search for kernel heap objects☆24Dec 23, 2025Updated 2 months ago
- A hacky tool for analysing linux kernel commits☆38Feb 7, 2023Updated 3 years ago
- ☆20Dec 4, 2023Updated 2 years ago