OneGadget

Free

OneGadget is a tool for CTF pwn challenges that finds RCE (remote code execution) gadgets leading to a call to execve('/bin/sh', NULL, NULL). It uses symbolic execution to determine the constraints that must hold for each gadget to succeed. It can be installed from RubyGems.org and supports architectures such as i386, amd64, and aarch64. The command line interface has options to specify the build ID, force file search, set the output level, and order gadgets by their distance to specific functions or files.

ALTERNATIVES

CTF toolkit for rapid exploit development and prototyping.

Skyhook facilitates obfuscated HTTP file transfers to bypass IDS detections, enhancing secure data exchange.

Collection of Return-Oriented Programming challenges for practicing exploitation skills.

A post-exploitation tool for pentesting Active Directory.

A week-long series of articles and talks on evading Microsoft Advanced Threat Analytics (ATA) detection.

A tool for enumerating and attacking GitHub Actions pipelines.

A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.

A subdomain enumeration tool for bug hunting and pentesting.