exploit_me Logo

exploit_me

0
Free
Visit Website

Very vulnerable ARM/ARM64[AARCH64] application (CTF style exploitation tutorial, portable to other platforms) (c) B.Kerler 2018-2020 Why: Some of my friends asked me if I could do some examples of exploitable stuff I've seen in real-world the past years for ARM/ARM64[AARCH64]/others. So, for training purposes, I thought: Why not :) Current vulnerabilities: Level 1: Integer overflow Level 2: Stack overflow Level 3: Array overflow Level 4: Off by one Level 5: Stack cookie Level 6: Format string Level 7: Heap overflow Level 8: Structure redirection / Type confusion Level 9: Zero pointers Level 10: Command injection Level 11: Path Traversal Level 12: Return oriented programming (ROP) Level 13: Use-after-free Level 14: Jump oriented programming (JOP) Install on Debian/Ubuntu System: Download the repo git clone https://github.com/bkerler/exploit_me Install needed tools on host (Ubuntu) ~$ cd exploit_me ~/exploit_me $ ./script/setup.sh Usage hints: See hints.txt for a start. For trying if it works : *** 32-Bit: $ ./bin/exploit *** 64-Bit: $ ./bin/exploit64 Example debugging session: $ sudo ./scripts/disableaslr.sh (Disable aslr, don't run if you want more fun) (Path dir1/dir2 n

FEATURES

ALTERNATIVES

Modular framework for web services penetration testing with support for various attacks.

A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.

A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.

Redboto is a collection of scripts for red team operations against the AWS API.

A front-end JavaScript toolkit for creating DNS rebinding attacks

SharpEDRChecker scans system components to detect security products and tools.

A guide on basic Linux privilege escalation techniques including enumeration, data analysis, exploit customization, and trial and error.

Check if a domain is in the Alexa or Cisco top one million domain list.

CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved