Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.

A repository for learning various heap exploitation techniques.

Software-Defined GPS Signal Simulator

JWT brute force cracker written in C

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0

Calling Python functions from the Ruby language

SQL / SQLI tokenizer parser analyzer

Crack and decrypt BLE encryption

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidSco…

[Linux] Two Privilege Escalation techniques abusing sudo token

afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.

Active Bluetooth BR/EDR Sniffer/Injector as cheap as any ESP32 board can get. Works with Scapy ;-)

Repo for FUZE project. I will also publish some Linux kernel LPE exploits for various real world kernel vulnerabilities here. the samples are uploaded for education purposes for red and blue teams.

This repository created for personal use and added tools from my latest blog post.

A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer

Owfuzz: a WiFi protocol fuzzing tool

The Scyther Tool for the symbolic analysis of security protocols

Crack php rand() state