Exploit-Challenges Logo

Exploit-Challenges

0
Free
Visit Website

Here are a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play around with and test their skills! These binaries are all built as ARMv7 Mach-O executables (unless specified otherwise) so it is recommended that you use a 32bit jailbroken iOS device with radare2 or another debugging utility installed to test them. ARM 32-bit: - roplevel1: simple introduction to Return Oriented Programming with a simple objective - roplevel2: same idea as level 1 but with a new objective - roplevel3: more advanced use of ROP - roplevel4: dealing with ASLR (infoleak) - roplevel5: same as lvl4 but requires exploitation of format string vuln for the info leak - roplevel6: execute ROP chain by making use of a stack pivot - roplevel7: off-by-one vulnerability Heap 32-bit: - heaplevel1: simple heap based overflow example - heaplevel2: Use-After-Free exploit - heaplevel3: double free() ARM 64-bit: - roplevel1-64: 64-bit version of roplevel1 - roplevel6-64: 64-bit version of roplevel6 Help & Guidance: Write-ups/explanations on some of the binaries can be found on the creator's YouTube channel or in their book 'Beginner's Guide'

FEATURES

ALTERNATIVES

Skyhook facilitates obfuscated HTTP file transfers to bypass IDS detections, enhancing secure data exchange.

A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.

An open-source intelligence collection, research, and artifact management tool inspired by SpiderFoot, Harpoon, and DataSploit.

LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.

Exploiting WordPress With Metasploit, containing 45 modules for exploits and auxiliaries.

A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.

Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.

Modular framework for pentesting Modbus protocol with diagnostic and offensive features.

CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved