GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → hardenedlinux → TraditionalMitigation

hardenedlinux / TraditionalMitigation

Licence: Apache-2.0 license
Traditional Mitigation in GCC to defend Memory Corruption Vulnerability

Programming Languages

c
50402 projects - #5 most used programming language
shell
77523 projects
Makefile
30231 projects

Labels

gccvulnerabilitydefencememory-corruption

Projects that are alternatives of or similar to TraditionalMitigation

gradejs
GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (+2162.5%)
Mutual labels:  vulnerability
break-fast-serial
A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
Stars: ✭ 53 (+231.25%)
Mutual labels:  vulnerability
quickstart-fortran
An easy Windows installer for GFortran and the Fortran Package Manager
Stars: ✭ 44 (+175%)
Mutual labels:  gcc
dnstake
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
Stars: ✭ 723 (+4418.75%)
Mutual labels:  vulnerability
weblogic honeypot
WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
Stars: ✭ 30 (+87.5%)
Mutual labels:  vulnerability
overflow
A command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (+312.5%)
Mutual labels:  vulnerability
build-gcc
Shell scripts to build various gcc cross-compilers (primarily djgpp)
Stars: ✭ 34 (+112.5%)
Mutual labels:  gcc
pipeVFX
A Visual Effects pipeline to manage jobs, shots and software assignment, with a simple asset manager. Its extensively integrated with CortexVFX and Gaffer. (and it builds booth, with support for Maya, Houdini and Nuke, if you have then installed!)
Stars: ✭ 47 (+193.75%)
Mutual labels:  gcc
SAP vulnerabilities
DoS PoC's for SAP products
Stars: ✭ 47 (+193.75%)
Mutual labels:  vulnerability
homebrew-macos-cross-toolchains
macOS cross compiler toolchains
Stars: ✭ 404 (+2425%)
Mutual labels:  gcc
trivy-vulnerability-explorer
Web application that allows to load a Trivy report in json format and displays the vulnerabilities of a single target in an interactive data table.
Stars: ✭ 63 (+293.75%)
Mutual labels:  vulnerability
vmware guest auth bypass
Proof of concept of VMSA-2017-0012
Stars: ✭ 42 (+162.5%)
Mutual labels:  vulnerability
PuzzleBox
Generate 3D puzzle box (OpenSCAD source)
Stars: ✭ 92 (+475%)
Mutual labels:  gcc
gcc-cross-compiler
A script to cross-compile GCC toolchain for various target architectures.
Stars: ✭ 32 (+100%)
Mutual labels:  gcc
apachrot
Apache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker
Stars: ✭ 21 (+31.25%)
Mutual labels:  vulnerability
rsGen
rsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (+343.75%)
Mutual labels:  vulnerability
Vehicle-Security-Toolkit
汽车/安卓/固件/代码安全测试工具集
Stars: ✭ 367 (+2193.75%)
Mutual labels:  vulnerability
vulnscan
A static binary vulnerability scanner
Stars: ✭ 47 (+193.75%)
Mutual labels:  vulnerability
safelog4j
Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (+137.5%)
Mutual labels:  vulnerability
C-Cpp-Coverage-for-CLion
Get coverage data in CLion using gcov or llvm-cov
Stars: ✭ 37 (+131.25%)
Mutual labels:  gcc
View All Similar Projects ➔

TraditionalMitigation

List all the traditional mitigations in compilers(GCC, Clang, etc.) to defend memory corruption

User space

  • Stack Protector

    • -fstack-protector, -fstack-protector-all, -fstack-protector-strong

  • Heap protection

    • enable by default

  • Double free checking

    • enable by default

  • Libc pointer encryption

    • enable by default

  • FORTIFY_SOURCE

    • -D_FORTIFY_SOURCE=2­-O2

  • Format String Protection

    • -Wformat ­-Wformat-security

  • PIC/PIE

    • -fPIC, -fPIE -pie

  • RELRO

    • -Wl,-z,relro,-z,now

  • Stack clash protection

    • -fstack-clash-protection

Kernel space

  • Stack Protector

    • implemented in Linux Kernel

  • Slab/Slub/Slob Protection

    • implemented in Linux kernel

  • FORTIFY_SOURCE

    • implemented in Linux Kernel

  • NX

    • implemented in Linux Kernel

  • SMAP/SMEP

    • implemented in Linux kernel

  • ASLR(Address Space Layout Randomization)

    • implemented in Linux Kernel

  • KASLR(Kernel Address Space Layout Randomization)

    • implemented in Linux Kernel

References

[1] Secure Programming with GCC and GLibc

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].