Home / Linux / System utilities

Just a repo for random tools I've developed related to vulnerability research and exploit development.

Just a repo for random tools I've developed related to vulnerability research and exploit development.

Information

Category: Linux / System utilities
Watchers: 3
Star: 14
Fork: 0
Last update: Nov 29, 2020

Resource links

https://github.com/clevcode/vulndev-tools

vulndev-tools

Just a repository for random tools that can be helpful during vulnerability research and exploit development. For now, it only contains a script to set up a kernel debugging environment.

The tool works as-is for setting up kernel debugging environments for (at least) Ubuntu 14.04, 16.04, 18.04 and 20.04 kernels right now, and would be easy to adapt to support non-Ubuntu-based Linux distributions as well (would need some adaptations for each dist).

Dependencies: Multipass (https://multipass.run), QEMU, GDB and tmux.

To install dependencies under Ubuntu:

sudo snap install multipass
sudo apt-get -y install qemu-system-x86 gdb tmux

Pull requests are welcome. Examples of features to add:

Add getopts-based command line argument handling.
Add option for making system update-step optional.
Add option for specifying a specific kernel to install.
Add support for non-Ubuntu-based guests. For instance, CentOS: https://cloud.centos.org/centos/8/x86_64/images/CentOS-8-GenericCloud-8.2.2004-20200611.2.x86_64.qcow2
Add check for each of the dependencies, and for supported hosts, check for sudo-access and automatically install the required dependencies.
Add option for normal boot instead of using init=/bin/bash when starting the emulator. Need to provide QEMU command line options for using the built-in DHCP server etc as well in that case.
Determine the path to multipass instance data more reliably, rather than use a hardcoded path based on where it's installed by default when using "snap install multipass".
Add option and/or environment variable for the GDB server port to use, rather than the default 1234 (to allow for parallell kernel debugging environments running).
Feed customized cloud-init configuration to multipass launch, to set a password etc (comes in handy if we boot interactively in QEMU for a kernel-debugging session, rather than just use init=/bin/bash)

Example usage:

# Set up an Ubuntu 20.04-based VM and start a kernel source debugging session
./setup-kernel-debugging 20.04 dev

# The same as above, but with a specific "cloud image" URL
./setup-kernel-debugging \
  https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img \
  dev

The second argument (i.e. "dev" in the examples above) is just the name to use for the VM, and the directory where the files for the VM, as well as the scripts to run it, will be placed.

Read the source.

Sequoia exploit (7/20/21)

Fetches random integers from random.org instead of using PHP's PRNG implementation

Vulmap - Vulnerability scanning and verification tools

Cryptographically secure random strings, ints, and ranges in Golang

Generates random values

Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

Generate a random float

Generate a random integer

random-access-storage

random-access-storage instance backed by the Chrome file system api

TIGER is a Python toolbox to conduct graph vulnerability and robustness research

CVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver

Curating a list of AutoML-related research, tools, projects and other resources

Tools, notes, and research related to reverse engineering the Decima Game Engine.

How to exploit a vulnerable windows driver. Exploit for AsrDrv104.sys

Typical random-related functions for JavaScript.

Make CVE-2020-0668 exploit work for version < win10 v1903 and version >= win10 v1903

JNDI-Exploit is an exploit on Java Naming and Directory Interface (JNDI) from the deleted project fromthe user feihong on GitHub.

ChrisTheCoolHut

CVE-2021-33909 Sequoia

This tool patches the CVE-2021-44228 Log4J vulnerability present in all minecraft versions NOTE THIS TOOL MUST BE RE-RUN after downloading or updating versions of minecraft as its not a perminent patch

Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).

RedTeamPentesting

Exploit for WebSocket Vulnerability in Apache Tomcat

Share this repo

Related Repos

System utilities

24

Files used for reproducing Fuzzware's experiments

fuzzware-fuzzer

Fuzzware Experiments This directory contains the data required to reproduce the experiments from our USENIX 2022 publication Fuzzware: Using Precise M

System utilities

25

Presentation plugin for neovim written in lua

Chaitanyabsprip

Presenting.nvim A Presentation plugin written for Neovim in Lua Installation You can install Present with your plugin manager of choice with packer.nv

System utilities

3

Static analysis tool for Go that finds vulnerabilities using SSA (single static assignment...

GitHub Action: GoKart Security Static Analysis GoKart is a static analysis tool for Go that finds vulnerabilities using the SSA (single static assignm

System utilities

3

Railway for Alist

alist-railway Railway for Alist Usage Fork this repo Open Railway and click New Object Choose the repo that you forked and select the mysql branch Add

System utilities

19

Basic Recon For Bug Bounty Hunter - "HuntTheBug" is Basic Scripts For Sub Domain Enumerati...

Basic Recon For Bug Bounty Hunter - "HuntTheBug" is Basic Scripts For Sub Domain Enumeration> Live Domain Enumeration > Sub Domain Hijack > URL + JavaScript Scan > Dir Brute Forcing > Open Port Check With Telegram Bot Notification

System utilities

84

Extensible Neovim Scrollbar

nvim-scrollbar Extensible Neovim Scrollbar 🚧 WORK IN PROGRESS 🚧 This is a work in progress and breaking changes to the setup/config could occur in t

System utilities

5

😎😘 Free Windows 11 VPS for 4 Hours ! Easy Method!

Windows 11 RDP Here this tutorial using Azure Cloud Shell to create Virtual Machine on Microsoft Learn Sandbox. 😎 Its Four Hours RDP Completely Free

System utilities

3

My configuraion files

Welcome! Here you can find my Void Linux dotfiles. Overview OS: Void Window manager: bspwm Terminal: kitty Shell: zsh Bar: Polybar Compositor: picom P

System utilities

3

An especially small & quick & simple Algolia docsearch Indices upload action

algolia-docsearch-upload-action An especially small & quick & simple Algolia docsearch Indices upload action Usage - name: Algolia Docsearch Uploa

System utilities

35

A simple and transparent alternative to boot2docker (backed by Vagrant)

docker-vm The easiest way to get started with Docker on Mac OS X (tested on OS X Yosemite 10.10.1) and Windows (tested on Windows 10 Pro Insider Previ

System utilities

518

GitOps powered K8s app suite with developer self-service

Shift left with Otomi Otomi makes developers self-serving and helps DevOps teams to guarantee application security and availability at the earliest st

System utilities

102

Awesome Bug bounty builder Project

Awesome Bug Bounty Builder ¯\(ツ)/¯ Awesome Bug bounty builder Project - ALL common Tools for find your Vulnerabilities. Tested on Debian. Installation

System utilities

2

Ready-to-use VSCode setup to preview/convert markdown documents

Ready-to-use VSCode setup to preview/convert markdown documents

System utilities

7.3k

Testing TLS/SSL encryption anywhere on any port

Testing TLS/SSL encryption anywhere on any port

System utilities

519

Vegile - Ghost In The Shell

Vegile is a tool for Post exploitation Techniques in linux. Post Exploitation techniques will ensure that we maintain some level of access and can potentially lead to deeper footholds into our targets trusted network.