OneGadget Logo

OneGadget

0
Free
Visit Website

When playing CTF pwn challenges, the OneGadget tool helps find RCE (remote code execution) gadgets that lead to calling execve('/bin/sh', NULL, NULL). It uses symbolic execution to find the constraints of gadgets to be successful. Installation is available on RubyGems.org, and it supports architectures like i386, amd64, and aarch64. The tool can be used via the command line interface with options to specify the build ID, force file search, output level, and order gadgets by their distance to specific functions or files.

FEATURES

ALTERNATIVES

A tool that scans for accessibility tools backdoors via RDP

Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.

Very vulnerable ARM/ARM64[AARCH64] application with various levels of vulnerabilities for exploitation training.

A CRLF and open redirect fuzzer

A cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments

Ophcrack is a free Windows password cracker based on rainbow tables with various features for password recovery.

Redboto is a collection of scripts for red team operations against the AWS API.

A unified repository for different Metasploit Framework payloads.