ROPgadget is a command-line tool designed to search for ROP (Return-Oriented Programming) gadgets within binary files to assist with exploit development and ROP chain construction. The tool supports multiple binary formats including ELF, PE, Mach-O, and Raw formats across various architectures such as x86, x64, ARM, ARM64, PowerPC, SPARC, MIPS, RISC-V 64, and RISC-V Compressed. ROPgadget can be installed via PyPi using pip or compiled from source after installing the Capstone disassembly framework dependency. The tool provides cross-platform compatibility including Windows, iOS, Android, and Cygwin environments. Key functionality includes searching for specific gadgets within binaries, filtering results based on various criteria, and analyzing opcodes and strings within executable files. The tool offers command-line options for specifying target binaries, searching for specific opcodes or strings, setting search depth parameters, and applying filters to refine results. ROPgadget serves as a utility for security researchers and penetration testers who need to identify usable code sequences for constructing ROP chains during binary exploitation activities.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
PyBOF is a Python library that enables in-memory loading and execution of Beacon Object Files (BOFs) with support for argument passing and function targeting.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.
AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
SharpEDRChecker scans system components to detect security products and tools.
A digital archive of the internet, allowing users to capture and browse archived web pages.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.