SQL powered operating system instrumentation, monitoring, and analytics.

KLEE Symbolic Execution Engine

Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode

Hex-Rays Decompiler plugin for better code navigation

Obfuscation library based on C++11/14 and metaprogramming

An open source interactive disassembler

Fatal is a library for fast prototyping software in modern C++. It provides facilities to enhance the expressive power of C++. The library is heavily based on template meta-programming, while keepi…

dll injection tool that implements various methods

Smashing The Browser: From Vulnerability Discovery To Exploit

A kernel driver to practice writing exploits against, as well as some example exploits using public techniques.

Incident Response & Digital Forensics Debugging Extension

A static checker for identifying unstable code.

HTTP/S Beaconing Implant

Release Branches for MoFlow

PatchGuard Research

Advanced buffer overflow and memory corruption security challenges

Dynamic instrumentation tool for Adobe Flash Player built on Intel Pin

Extended oatdump from AOSP platform/art repo

Augmenting Static Reverse Engineering with Dynamic Analysis and Instrumentation

qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's graph windows with Windbg's position.

A complete, robust command-line utility to construct highly customized calls to the CreateProcess() Windows API. Released under a MIT or LGPL license.

A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.

OpenType font file format fuzzer for Windows

Generates a Python script to give public interface names in an ActiveX file to an IDB file.

A "general-purpose" tracing tool

Remote thread injected DLL libraries, support for windows 32-bit and 64-bit platforms

Applied Symbolic Execution with KLEE/LLVM

taint tracer/analysis pintool