Fuzzilli
0 (0)
Fuzzilli is a JavaScript engine fuzzer that helps identify vulnerabilities in JavaScript engines.
A small library that allows you to run basic functions from stripped binaries cross platform. This library is designed for you to be able to quickly call functions from a stripped binary. All you need is the file name, the function offset, and the function signature. You can get these by reverse engineering the binary in IDA or Binary Ninja. void *import(char *file, size_t offset) #include "ctf_import.h" int main() { int (* fib)(int); // a.out is a binary with a fibonacci function at offset 0xf00 fib = (int (*)(int)) import("a.out", 0xf00); printf("%d %d %d %d %d\n", fib(1), fib(2), fib(3), fib(4), fib(5)); } To compile: $ gcc example.c ctf_import.c -o example $ ./example > 1 1 2 3 5 Notes: Although the code will run "cross-OS", it will not run cross architecture. Additionally, this does not handle syscalls and anything that interacts with globals.
Fuzzilli is a JavaScript engine fuzzer that helps identify vulnerabilities in JavaScript engines.
YaraHunter scans container images, running Docker containers, and filesystems to find indicators of malware.
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.
BARF is an open source binary analysis framework for supporting various binary code analysis tasks in information security.
A serverless, real-time, and retroactive malware detection tool that scans files with YARA rules and alerts incident response teams.