Splunk Attack Range
0 (0)
Open-source project for building instrumented environments to simulate attacks and test detections.
Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills! These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with radare2 or another debugging utility installed to test them. ARM 32-bit: - roplevel1: simple introduction to Return Oriented Programming with a simple objective - roplevel2: same idea as level 1 but with a new objective - roplevel3: more advanced use of ROP - roplevel4: dealing with ASLR (infoleak) - roplevel5: same as lvl4 but requires exploitation of format string vuln for the info leak - roplevel6: execute ROP chain by making use of a stack pivot - roplevel7: off-by-one vulnerability Heap 32-bit: - heaplevel1: simple heap based overflow example - heaplevel2: Use-After-Free exploit - heaplevel3: double free() ARM 64-bit: - roplevel1-64: 64-bit version of roplevel1 - roplevel6-64: 64-bit version of roplevel6 Help & Guidance: Write-ups/explanations on some of the binaries can be found on the creator's YouTube channel or in their book 'Beginner's Guide'
Open-source project for building instrumented environments to simulate attacks and test detections.
A tool that checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names.
A blog post discussing the often overlooked dangers of CSV injection in applications.
An open source network penetration testing framework with automatic recon and scanning capabilities.
A distributed systems and infrastructure simulator for attacking and debugging Kubernetes.
CTF toolkit for rapid exploit development and prototyping.
