This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

Android 14 kernel exploit for Pixel7/8 Pro

Repository with text of DMCA takedown notices as received. GitHub does not endorse or adopt any assertion contained in the following notices. Users identified in the notices are presumed innocent u…

QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

Some helpful preload libraries for pwning stuff.

american fuzzy lop for network fuzzing (unofficial) -- official afl site is http://lcamtuf.coredump.cx/afl/

Awesome-Cellular-Hacking

Virtual Machine Introspection, Tracing & Debugging

A collection of various awesome lists for hackers, pentesters and security researchers

Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode

Runtime Process Manipulation

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

syzkaller is an unsupervised coverage-guided kernel fuzzer

Automated static analysis tools for binary programs

afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.

Ghidra is a software reverse engineering (SRE) framework

Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection

PoC of modifying HexRays AST

L1TF (Foreshadow) VM guest to host memory read PoC

Disassembly of Pokémon Red/Blue

A tool for matching and diffing source codes directly against binaries.

A collection of links related to Linux kernel security and exploitation

My proof-of-concept exploits for the Linux kernel

Cross Translation Unit analysis capability for Clang Static Analyzer. (Fork of official clang at http://llvm.org/git/clang)

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

linux-kernel-exploits Linux平台提权漏洞集合